-
Microsoft Defender Threat Sharing Integration
The Multi-Vector Threat Reality: A successful phishing campaign targeting your employees doesn't end when malicious content reaches an inbox. It extends to endpoint compromise, lateral movement, and data exfiltration. Yet most organizations find themselves managing these interconnected threats through isolated security…
-
Awardco Employee Rewards Platform Phishing Campaign : 18 August 2025
Key Points: Multi-month campaign impersonating Awardco employee rewards platform targeting entire organizations since May 2025. Sophisticated evasion using multiple redirect chains, legitimate security URL solutions, and various delivery methods including QR codes. Campaign leverages universal employee expectation of rewards…
-
UK Home Office Phishing Campaign Targeting Visa Sponsor Licence Holders : 12 August 2025
Key Points: Phishing campaign targeting UK sponsor licence holders through fraudulent Home Office impersonation. Attackers seek to compromise Sponsorship Management System (SMS) credentials for financial exploitation and data theft. Campaign utilizes captcha-gated URLs and convincing government domain spoofing to bypass…
-
BEC Campaign Using AI-Generated Fake Email Threads : 11 August 2025
Key Points: Large-scale BEC invoice fraud campaign targets global organizations across multiple industries using urgent payment requests to exploit time-sensitive business processes. Attackers deploy sophisticated automation including AI-generated email content, programmatic file creation, and headless browser technology…
-
Direct Send Abuse : 6 August 2025
Key Points: Threat actors are actively exploiting Microsoft 365's Direct Send feature to deliver phishing emails. The technique effectively circumvents perimeter security solutions by routing malicious emails through Microsoft 365's trusted infrastructure. Requires no credentials or tokens, only knowledge of the target domain…
-
Human Risk Command Center: A Deep Dive
Welcome to part one of our two-part deep dive into Mimecast's Human Risk Command Center (HRCC). In this first installment, we'll explore what the Command Center is and how it operates from a workflow perspective. Part two will focus exclusively on adaptive policies—examining how these intelligent controls automatically…
-
HTML Tag Obfuscation : 21 July 2025
Key Points: Threat actors utilizing HTML tag obfuscation to evade email security detection. CSS styling techniques render malicious content evading security solutions while appearing legitimate to end users. Brand impersonation campaigns leveraging Microsoft copyright obfuscation. Campaign Overview: The Mimecast Threat Research…
-
Grandoreiro Infostealer Campaign : 4 August 2025
Key Points: The Grandoreiro banking trojan targets financial institutions and users across Latin America and is expanding globally. Sophisticated phishing campaigns impersonate government tax agencies and law enforcement. Geofenced infrastructure ensures targeted delivery to specific regions. Multi-stage attacks leverage…
-
Sextortion scams using invoicing and accounting services for distribution : 14 July 2025
Key Points: Sextortion scams distributed through online invoicing and accounting services. There similar campaigns identified using same Bitcoin address for payment. Evasion techniques used to bypass security solutions. Predominately targeting US and Australian businesses. The Mimecast Threat Research team has identified a new…
-
Administration Console Menu Update
Mimecast is committed to continuously improving the user experience for our customers. As part of this effort, we’re excited to announce upcoming changes to the Administration Console menu. These changes are designed to streamline navigation, reduce complexity, and provide a foundation for future improvements. Why are we…
-
Turn Security Data into Strategic Value with the Mimecast Human Risk Insights Report
Security leaders face a persistent challenge: demonstrating the tangible value of cybersecurity investments to executive leadership and boards. While threat detection numbers pile up in dashboards, translating those statistics into meaningful impact remains complex. We’re excited to announce the Mimecast Human Risk…
-
Adaptive Policies in Action
In our previous post, we explored the Human Risk Command Center (HRCC) and how it transforms abstract human behavior into quantifiable metrics. Now we're diving deep into adaptive policies—the intelligent controls that automatically adjust security measures based on user behavior and organizational threats. Read…
-
Astaroth Infostealer Campaign : 16 June 2025
Key Points: What you'll learn in this notification: Information stealer Trojan that predominantly targets Brazil and Mexico with a financial motive. Employs country-specific social engineering tactics. Leverages newly registered, low-reputation domains that impersonate legitimate services. Samantha Clarke and the Mimecast…
-
German Tax and Accident Insurance Institution Impersonation : 03 June 2025
Key Points: What you'll learn in this notification: Attackers exploit institutional trust through sophisticated German tax authority impersonation. Emails appear to be generated by custom spam scripts with forged Thunderbird headers and high variability in subjects and sending email addresses. Predominantly targeting…
-
Revolutionizing Security Awareness & Training with Mimecast
In today's landscape of increasingly sophisticated cybersecurity threats, traditional security awareness training often fails to address the unique risks posed by individual employees. Mimecast is revolutionizing this approach by shifting from generic compliance-driven programs to a personalized, risk-based strategy that…
-
Scattered Spider using fake CAPTCHA to evade detection : 22 May 2025
Key Points: What you'll learn in this notification: More than 150k phishing campaigns impersonating service providers including SendGrid, HubSpot, Google and Okta. Predominately sent from white-labelled SendGrid accounts. Use of fake CAPTCHA to evade detection. Recent campaigns predominately targeting Retail and Software as a…
-
OAuth Abuse : 5th May 2025
Key Points: What you'll learn in this notification: Campaign using OAuth applications. Users are redirected to malicious pages. Campaign Objective: possible Reconnaissance and Data Collection plus credential phishing. Recent campaigns predominately target Real Estate and Professional Service businesses in the US. The Mimecast…
-
Moved: The Impact of New Outlook on Mimecast Products: What You Need to Know
This discussion has been moved.
-
Please help us improve our Threat Intelligence Notifications
Have you read the Threat Intelligence Notifications published on the Mimecast Threat Intelligence Hub? I am asking you to share your experience to help us make them as useful as possible for everyone: Please share at least one example of a specific TIN article that prompted you/your team to take action after reading it.…
-
SVG Attachment Abuse : 31st March 2025
Key Points: What you'll learn in this notification: Campaign using Scalable Vector Graphics (SVG) with JavaScript redirects. Users are redirected to credential harvesting pages or download malware. Rikesh Vekaria, Marcin Ulikowski, and the Mimecast threat researchers have recently identified several campaigns utilising…