There is an ongoing phishing campaign that has started abusing legitimate services to bypass secure email gateways to send phishing emails disguised as notifications from video conferencing services, security solutions, or productivity tools. Scammers are using compromised SendGrid and MailGun email accounts to take advantage of their trusted domains. They’re also abusing Amazon Simple Email Service to send these phishing emails, while the URLs used in these scams are being generated on Appspot. Microsoft is advising organizations to review their mail flow rules to catch any broad exceptions that could let these phishing emails through.
An ongoing phishing campaign has begun abusing legitimate services to bypass secure email gateways to send phishing emails.
The group behind the REvil Ransomware has started to use two new tactics to extort ransom from victims.