Phishing attacks continue to increase each quarter and year. They are also becoming more complex and are being delivered through a wide range of online platforms. It only serves to increase the challenges businesses face protecting their assets, workforces, and customers.
Trustifi, through its Inbound Shield solution and comprehensive remediation services, detected and shut down a hostile brand impersonation phishing attack on a cloud technology provider in the IT market that serves close to 100,000 businesses.
The hacking organization mounted a fake site that mimicked one of the provider's core cloud services. An email invited the provider's customers to log into the false site, asking them to confirm their credentials to secure their accounts through an HTML attachment, which was a realistic duplicate of the provider's service login page.
"Threats from malicious sources have become more brazen and conniving than ever,” said Rom Hendler, CEO and co-founder of Trustifi. “In this case, the cloud service provider had nothing to do with the attack. Their customers were independently pursued and fooled into clicking on the rogue page."
Trustifi's AI-powered email security algorithms flagged the suspicious email, which was subsequently quarantined by the Trustifi Inbound Shield solution. Inbound Shield imposes a layer of protection between the organization’s email system and the outside world. Using AI and dynamic engines, Inbound Shield is designed to identify and block suspicious inbound emails.
The system notified the Trustifi Security team. The team then alerted the provider, conducted remediation and confirmed that more than 200 usernames and passwords were delivered through the hijacked website.
Trustifi investigated the offending email to find out the hacker group’s background. The team also contacted security agencies and industry manufacturers to report the incident and seek any available guidance to combat the effects of the compromise.
Trustifi's proactive mediation shut down the phishing site, potentially saving tens of thousands of the cloud provider's customers from revealing their data to the hackers. The cloud provider and Trustifi's team reached out to the affected customers with recommendations on how to proceed.
"We rapidly brought the attack under control, stemming any further impact and neutralizing the criminals,” said Hendler.
Trustifi's response, its Inbound Shield solution and its remediation prowess suppressed a potential damaging compromise of the cloud provider's customer base.
Edited by
Erik Linask
