Trustifi Suppresses Conniving Brand Imposter Phishing Attack


Trustifi Suppresses Conniving Brand Imposter Phishing Attack

By Greg Tavarez

Phishing attacks continue to increase each quarter and year.  They are also becoming more complex and are being delivered through a wide range of online platforms. It only serves to increase the challenges businesses face protecting their assets, workforces, and customers.

Trustifi, through its Inbound Shield solution and comprehensive remediation services, detected and shut down a hostile brand impersonation phishing attack on a cloud technology provider in the IT market that serves close to 100,000 businesses.

The hacking organization mounted a fake site that mimicked one of the provider's core cloud services. An email invited the provider's customers to log into the false site, asking them to confirm their credentials to secure their accounts through an HTML attachment, which was a realistic duplicate of the provider's service login page.

"Threats from malicious sources have become more brazen and conniving than ever,” said Rom Hendler, CEO and co-founder of Trustifi. “In this case, the cloud service provider had nothing to do with the attack. Their customers were independently pursued and fooled into clicking on the rogue page."

Trustifi's AI-powered email security algorithms flagged the suspicious email, which was subsequently quarantined by the Trustifi Inbound Shield solution. Inbound Shield imposes a layer of protection between the organization’s email system and the outside world. Using AI and dynamic engines, Inbound Shield is designed to identify and block suspicious inbound emails.

The system notified the Trustifi Security team. The team then alerted the provider, conducted remediation and confirmed that more than 200 usernames and passwords were delivered through the hijacked website.

Trustifi investigated the offending email to find out the hacker group’s background. The team also contacted security agencies and industry manufacturers to report the incident and seek any available guidance to combat the effects of the compromise.

Trustifi's proactive mediation shut down the phishing site, potentially saving tens of thousands of the cloud provider's customers from revealing their data to the hackers. The cloud provider and Trustifi's team reached out to the affected customers with recommendations on how to proceed.

"We rapidly brought the attack under control, stemming any further impact and neutralizing the criminals,” said Hendler.

Trustifi's response, its Inbound Shield solution and its remediation prowess suppressed a potential damaging compromise of the cloud provider's customer base.

Edited by Erik Linask

MSPToday Editor

Related Articles

Unifi Connects Employees to T-Mobile 5G Network

By: Greg Tavarez    9/28/2022

Unifi selected T-Mobile and Hyperion for a Managed Mobility program to give employees a personal 5G smartphone.

Read More

Teams Direct Routing for MSP Revenue

By: Gary Audin    9/27/2022

Team Direct Routing is a way to connect Microsoft's Phone System to the PSTN via an existing PBX, Unified Communications system, or a third-party tele…

Read More

End-User Privacy and Mobile Security Coexist in Q-Scout

By: Greg Tavarez    9/27/2022

Quokka believes end-user privacy and mobile security should coexist in a secure BYOD network and launched Q-Scout to provide proactive, privacy-first …

Read More

CrowdStrike Intros Partner Progam, Adds Elite Tier for Business Growth

By: Stefania Viscusi    9/27/2022

The CrowdStrike Powered Service Provider Program (CPSP) includes value-added solution bundles and is adding an elite tier to incentivize MSPs.

Read More

Escalating Ransomware Diminishes Organizations' Confidence

By: Greg Tavarez    9/26/2022

SpyCloud revealed in its "2022 Ransomware Defense Report" that 90% of organizations were affected by ransomware in some capacity over the past 12 mont…

Read More