Cyber Researcher Finds New Fraud, Phishing Via ESPN

Illustration of fake email (photo: Kaspersky)

JAKARTA - Cybercriminals often target the billionaires used by the company to reach their customers, thus providing opportunities for spamming, phishing, and other advanced scams.

Access to legitimate tools for sending mass emails further increases the success rate of the attack. As a result, attackers often try to infiltrate the company's account with an email service provider (ESP).

In a recent study, Kaspersky has discovered a phishing campaign that refined this attack method by taking SendGrid ESP credentials by sending direct phishing emails via the ESPN itself.

Direct phishing emails via ESPN increase the chances of attackers' success, taking advantage of the receiver's trust in communications from known sources.

However, the links provided will direct users to fake websites that mimic the SendGrid login page, where their credentials are taken.

For all email scanners, phishing looks like a legitimate email sent from the SendGrid server with valid links leading to the SendGrid domain.

What makes this campaign very dangerous is phishing emails penetrate traditional security measures. Being sent through legitimate services and containing no clear signs of phishing, they may avoid detection by automated filters.

"Using reliable email service providers is important in relation to your reputation and business security," said Roman Dedenok, security expert at Kaspersky.