Phish Swims Past Email Security With Milanote Pages
Quote: The Milanote app, billed as the “Evernote for creatives” by reviewers, has attracted the notice of cybercriminals who are abusing it to carry out credential-stealing campaigns that skate past secure email gateways (SEGs), researchers said.
 
Milanote is a tool for organizing and collaborating on creative projects. Users can arrange their projects into handy visual boards that can be shared and collaboratively edited, with the ability to add notes, images, links, files and so on. It counts several heavy hitters as customers, including Chanel, Facebook, Google, Nike and Uber, among many others.
 
According to analysis from Avanan released Thursday, attackers are looking to hook victims by starting off with a simple email. It has the subject line, “Invoice for Project Proposal.” The email body is pretty bare-bones, saying only, “Hello. See attached invoice for the above referenced project. Please contact me if you have questions or need additional information. Thank you.” It doesn’t contain any personalization, logos or other social-engineering aspects.
 
“The email itself is pretty standard issue,” Gil Friedrich, CEO and co-founder of Avanan, told Threatpost in an interview. “It gets attention with the subject of ‘Invoice for Project Proposal.’ It’s certainly not the most sophisticated effort in the world, however, it understands what emails can get past static scanners, including, in this case, Milanote.”
 
Should a target open the attachment, a document opens that contains one line (“I have shared a file with you. Please click link[s] below to download”) followed by a clickable button that says “Open Docs.”
 
If the person clicks the button, they’re taken to a page hosted in the Milanote service:

Clicking this final link takes the target to a phishing page that attempts to harvest various types of credentials, researchers said.

Read more: Phish Swims Past Email Security with Milanote Pages | Threatpost