-
Astaroth Infostealer Campaign : 16 June 2025
Key Points What you'll learn in this notification Information stealer Trojan that predominantly targets Brazil and Mexico with a financial motive. Employs country-specific social engineering tactics. Leverages newly registered, low-reputation domains that impersonate legitimate services. Samantha Clarke and the Mimecast…
-
German Tax and Accident Insurance Institution Impersonation : 03 June 2025
Key Points What you'll learn in this notification Attackers exploit institutional trust through sophisticated German tax authority impersonation. Emails appear to be generated by custom spam scripts with forged Thunderbird headers and high variability in subjects and sending email addresses Predominantly targeting…
-
Scattered Spider using fake CAPTCHA to evade detection : 22 May 2025
Key Points What you'll learn in this notification More than 150k phishing campaigns impersonating service providers including, SendGrid, HubSpot, Google and Okta Predominately sent from white-labelled SendGrid accounts Use of fake CAPTCHA to evade detection Recent campaigns predominately targeting Retail and Software as a…
-
OAuth Abuse : 5th May 2025
Key Points What you'll learn in this notification Campaign using OAuth applications Users are redirected to malicious pages Campaign Objective: possible Reconnaissance and Data Collection plus credential phishing Recent campaigns predominately target Real Estate and Professional Service businesses in the US The Mimecast…
-
Why AI Alone Isn't Enough to Stop BEC Attacks (Webinar)
AI is vital for BEC defense, but it must be integrated with traditional methods to manage false positives and management tasks. Join us where we dissect the intricacies of BEC attacks, and how Mimecast's Human Risk Management platform provides actionable insights for targeted mitigation strategies. Join Edwin Moreno, Field…