A new report out today from phishing defense company Cofense Inc. is warning of increasingly sophisticated phishing attacks that exploit trusted email security companies such as Proofpoint Inc., Mimecast Ltd. and Virtru Corp. to trick users into divulging sensitive credentials.

The attacks use fake email attachments, phishing links and credential-harvesting tactics to compromise sensitive data. By mimicking well-known brands, threat actors increase the likelihood that the recipients will trust the malicious emails and engage with harmful content, ultimately exposing critical information.

The report goes through various examples, starting with Proofpoint, a popular email security provider. The researchers at Cofense observed attackers crafting highly convincing spoofed emails that mimic Proofpoint’s secure email branding.

The emails often include embedded links or HTML attachments designed to redirect victims to fake login pages. The recipients are tricked into entering their credentials, giving the attackers unauthorized access to sensitive accounts and enabling further phishing attacks within organizations.

Users of Mimecast, another leading email security vendor, have also been targeted by increasingly sophisticated phishing campaigns. In this example, threat actors were observed leveraging Mimecast’s credibility to distribute malicious emails that included fake attachments and cleverly worded messages.

As is often typical in these cases, the emails appear legitimate but digging deeper, there are obvious signs that all is not quite right, such as mismatched sender domains and the use of free email services such as Gmail. Attackers exploit these tactics to trick victims into entering their credentials on counterfeit login pages.

The third example involves another email security provider Virtru, with threat actors crafting phishing emails with embedded links to Google Docs that replicate Virtru’s branding and email content. The links guide users to credential phishing pages that are designed to look like official Virtru login portals in an attempt to harvest credentials.

“This rise in sophisticated phishing and malware attacks has led to numerous data breaches, violating the privacy and integrity of sensitive information,” the Cofense report notes.

The report emphasizes the need for heightened vigilance and proactive security measures to combat evolving threats highlighted in the examples. Organizations are also urged to implement multifactor authentication, train employees to recognize phishing attempts, and use advanced threat detection systems to reduce the risk.

Image: SiliconANGLE/Ideogram