Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes
#1
Information 
Quote:A pair of billing and tech support “vishing” attacks using Geek Squad and Norton Antivirus as cover managed to hit 25,000 mailboxes recently, questing after victims’ credit-card details.
 
Vishing (a contraction of “voice phishing”) generally involves stealing personal information from victims over the phone or leaving fraudulent voice messages. In this case, researchers said the gambit consisted of sending fake order receipts via email, and then including phone numbers to call “for processing order returns.”
 
According to researchers at Armorblox, the emails bypassed native Microsoft email security controls along with email security engines like Exchange Online Protection (EOP) and Proofpoint, landing in tens of thousands of corporate inboxes.
 
“Microsoft assigned a spam confidence level (SCL) of ‘-1’ to both emails,” explained researcher Abhishek Iyer, writing in a Thursday posting. “This means the emails skipped spam filtering because Microsoft determined they were from a safe sender to a safe recipient or were from an email source server on the ‘IP Allow’ list.”

Read more: Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes | Threatpost
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07
AirVPN Christmas Sale 2024!
AirVPN CHRISTMAS SAL...jasonX — 07:52
ON1 Software
ON1 Photo RAW 2025.1...jasonX — 06:29
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>