Weekly Email Security News Recap #2 [September 2022]

Almost every organization’s work environment has experienced changes in the face of the health crisis during previous years. Working remotely became a necessity which drastically changed the cybersecurity landscape.

Data breaches, phishing attacks, and cybercrime became daily occurrences—something that’s still prevalent today.

DevOps Experience 2022

In this recap, we’ll cover email security news and cybersecurity news of the past week.

After the death of British monarch Queen Elizabeth II, a flow of condolences began worldwide. This situation was, of course, an opportunity for cybercriminals to exploit. 

On Wednesday, Proofpoint cybersecurity researchers revealed that threat actors launched a phishing attack to access Microsoft accounts of unsuspecting users.

How does this phishing scam work?

To steal the users’ data, hackers used a refined phishing-as-a-service toolkit that recently came to light.

The attack begins with an email from “The Microsoft Team,” effectively spoofing the official emails of the company.

By impersonating Microsoft, the bad actors invite targets to write their condolences to the deceased Queen on an “interactive AI memory board.” 

When clicking the link, victims are redirected to a credential harvesting page where they have to log in to their Microsoft account. 

The EvilProxy phishing kit works in the background and compromises accounts during this process by stealing login details and MFA tokens.

EvilProxy is sold on the Dark Web, meaning any bad actor can commit such cybercrimes.

Diário de Notícias, Portugal’s top news outlet, broke news of the country’s central military unit EMGFA being targeted in a cyberattack. 

As a result, many confidential NATO documents sent to Portugal were compromised.

Attack Details

Portugal’s armed forces’ central unit, EMGFA, stores secret NATO information, making this data breach extremely dangerous. 

After discovering sensitive NATO documents for sale on the Dark Web, American intelligence agencies alerted Portugal’s Prime Minister António Costa.

The breach reportedly occurred due to officials breaking security protocols by using an unsecured connection to send and receive documents.

The Government responded that it aims to protect its armed forces and the Defense Ministry’s credibility as a founding member of NATO. 

NATO has demanded an explanation from the Portuguese Government concerning the data leak, resulting in two government officials visiting the NATO headquarters in Brussels, where a high-level meeting will take place next week. 

Final Thoughts

Remaining constantly alert and preparing for potential cloud and web attacks must be the main priority for any organization. As you’ve seen, cyberattackers are always on the prowl to steal personal information, and data breaches can happen to high-level authorities too.

The costs of a data breach can be extensive, so secure your organization and protect your email domain with EasyDMARC.

The post Weekly Email Security News Recap #2 [September 2022] appeared first on EasyDMARC.

*** This is a Security Bloggers Network syndicated blog from EasyDMARC authored by Knarik Petrosyan. Read the original post at: https://easydmarc.com/blog/weekly-email-security-news-recap-2-september-2022/