SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
AI
#
Breach Prevention
#
EduTech

Content platforms exploited for phishing attacks, warns Barracuda

Tue, 17th Sep 2024
Author image
By Catherine Knowles, Journalist

Barracuda threat analysts have identified a new trend in phishing attacks, where cyber criminals are exploiting content creation and collaboration platforms commonly used by educational institutions, graphic designers, and various businesses globally.

According to the latest research, these platforms, which boast millions of users worldwide, are being utilised to send emails featuring legitimate-looking posts, designs, and documents with embedded phishing links.

Recipients who click on these links are redirected to fraudulent login pages or other deceitful websites, designed to steal sensitive information such as login credentials and personal data. In one instance observed by Barracuda analysts, voicemail phishing links were hosted on a content creation platform.

Saravanan Govindarajan, Manager, Threat Analysis at Barracuda, remarked on the evolving tactics of cyber criminals. "The increase in phishing attacks leveraging trusted content creation and collaboration platforms highlights a shift in cyber criminal tactics towards the misuse of popular, reputable online communities to implement attacks, evade detection, and exploit the confidence that people have in such platforms."

Govindarajan underscored the importance of vigilance and robust security measures that can adapt to these evolving threats in order to protect personal information and intellectual property.

This new research complements a series of recent reports from Barracuda, which have demonstrated how attackers behind email threats are refining their tools and techniques to enhance their success rates and avoid detection by advanced security tools. The analysts have reported various methods used by cyber criminals, including the use of QR codes, popular webmail services, and URL shorteners, alongside sophisticated infostealers designed to exfiltrate potentially significant volumes of data.

To protect against these threats, Barracuda recommends that email recipients exercise caution when invited to click on links in unsolicited emails or messages from unknown senders. Additional warning signs include suspicious calls to action and landing sites that appear unexpected or illogical, such as a non-Microsoft service asking for Microsoft login credentials.

Barracuda also stresses the importance of using email protection solutions that feature multilayered, AI- and machine-learning-powered detection capabilities to prevent such attacks from reaching user inboxes.

Barracuda works on the mission statement that 'every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use.' Barracuda protects email, networks, data, and applications with innovative solutions that grow and adapt with customers' journeys. Many organisations worldwide trust the company to protect and support them so they can focus on taking their business to the next level.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Report: 80% of critical infrastructure hit by email breaches
NinjaOne offers free tools to MSPs amid market pressures
ACS announces sponsorship of ACIS2024 in Canberra this December
crowdstrike, aws & nvidia launch cybersecurity accelerator
Pexa unveils secure GenAI platform with Thoughtworks, AWS
Top stories
Sectigo launches pkimetal to streamline certificate linting
Selling ransomware breaches: Four trends spotted on the RAMP forum
Australian tech firms urge adoption of #ITProDayStraya
AI & quantum computing: progress & future challenges
Radware named major player in IDC MarketScape WAAP report