Security researchers have revealed criminals’ new tactics to impersonate major brands to steal and harvest victims’ credentials.
Researchers at Avanan, a Check Point company, said hackers impersonate major brands to perform phishing attempts. One frequently seen attempt mimics legit communications from DocuSign.
When DocuSign sends an email, it offers recipients an “Alternative Signing Method.” DocuSign prompts the recipient to visit https://www.docusign.com and enter a security code the company generates. This site then offers users more than one option to access and electronically sign their documents.
In a recent campaign researchers are following, hackers send an email that impersonates DocuSign from a docusign.net address that appears to be on behalf of an administrator. In this email, the attackers request the user view and sign a document and offer an alternative signing method.
The link to the alternative method leads users to a fake website where they must enter their password. Hackers then steal the email address and password as part of a credential harvesting campaign.
Researchers revealed other commonly impersonated brands, which tend to be trusted and popular ones. The top three most impersonated brands are Microsoft, which is related to 45% of all brand phishing attempts globally, DHL (26%), and Amazon (11%).
RELATED RESOURCE
Other research carried out by the company found that 51.9% of all impersonation emails attempted to impersonate a non-executive in the organization. Non-executives are targeted 77% more often than other members of an organization.
“There are a few reasons behind this. One, security admins might be spending a lot of time providing extra attention to the C-Suite and hackers have adjusted. Two, non-executives still hold sensitive information and have access to financial data. There is no need to go all the way up the food chain,” said Jeremy Fuchs, content manager at Avanan.
Fraudulent digital signature use has led some companies to increase security surrounding e-signatures. For example, ESign Genie announced its digital signature platform would support knowledge-based authentication by adding an extra layer of security through authenticating document recipients’ identities before issuing viewing or editing rights. Esign Genie’s feature improves the security of sensitive, private, or protected documents by mandating a Social Security number.
-
Criminals target APIs as web attacks skyrocket globallyNews More than a third of web attacks target APIs as AI expands attack surfaces and brings new security challenges
-
What to look out for at RSAC Conference 2025Analysis Convincing attendees that AI can revolutionize security will be the first point of order at next week’s RSA Conference – but traditional threats will be a constant undercurrent
-
Only ever use black bars to redact text, warns security researcherNews Researcher Dan Petro shows how pixelation can be easily reversed using algorithms
-
FBI warns scammers are using cryptocurrency ATMs to siphon cashNews Criminals will stay on phone with victims as they make payments, says advisory
-
Account takeovers rise nearly threefold during pandemicNews Financial services hit hardest by account hijackers, says Sift report
-
Cyber criminals leak one million credit cards on the dark webNews Among the stolen hoard are customer details from US and Canadian banks
-
SentiLink raises $70 million for its identity verification platformNews SentiLink’s ID Theft Score helps businesses combat synthetic fraud
-
Content fraud levels continue to rise in 2021
News The pandemic has ushered in a new level of scams and misinformation
-
What is DMARC and how can it improve your email security?In-depth Protect your customers and brand rep with this email authentication protocol for domain spoofing
-
FTC warns of rising cryptocurrency fraudNews Marked rise in cryptocurrency losses began just as pandemic took hold
