[Weekly Security News] Cyber attacks in the Telecommunications, healthcare, and councils

[April 24 2024]

1. Frontier Communications shuts down systems after cyberattack

Telecom giant Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack performed on April 14. After discovering the incident, the company was […]

The post [Weekly Security News] Cyber attacks in the Telecommunications, healthcare, and councils first appeared on Cloudbric.

April 24, 2024

What is Penetration Testing?

In today’s digital landscape, cybersecurity needs to be prioritized by businesses of all sizes, including small-to-mid-sized businesses (SMBs). As organizations rely heavily on technology to drive their operations, they have become increasingly vulnerable to cyber threats. Fortunately, a powerful tool exists to help SMBs fortify their defenses: penetration testing.

Understanding Penetration Testing

Penetration testing, or […]

The post What is Penetration Testing? appeared first on TCDI.

April 18, 2024

Enhance Your Home’s Safety With Wireless Home Security Systems

Due to the fast-paced nature of our world, ensuring the safety and security of your home is vital. With innovations in technology, homeowners now have access to a wide array of options to protect their properties. Among these options, wireless home security systems installed by professional companies stand out as a top choice for numerous […]

The post Enhance Your Home’s Safety With Wireless Home Security Systems appeared first on Johns Brothers Security.

February 19, 2024

Six Questions to Ask When Leasing a New Commercial Space

When you’re on the hunt for the perfect commercial space to lease, it’s easy to get caught up in the excitement of imagining your business thriving in a new location. However, beyond square footage, lease terms, and location, there’s a critical aspect you must consider: security. As a business owner, ensuring the safety of your […]

February 15, 2024

What is the Best Home Security System for You?

Before deciding on a home security system, it’s important to consider the features offered and your personal needs. Hundreds, if not thousands, of home security options are available to consumers, which can make selecting a system overwhelming. According to Consumer Affairs, over 30 million households in the US have a home security system, but only […]

February 8, 2024

Phishception – SendGrid is abused to host phishing attacks impersonating itself

Netcraft has recently observed that criminals abused SendGrid’s services to launch a phishing campaign impersonating SendGrid itself. The well-known provider, now owned by Twilio, makes sending emails at scale simple and flexible. In addition to scale, the promise of high deliverability and feature-rich tools make SendGrid a sought-after service for legitimate businesses and a likely target for criminals.

The campaign observed uses a variety of complex lures, such as claiming the victim’s account has been suspended while its sending practices are reviewed or that the victim’s account is marked for removal due to a recent payment failure, combined with other SendGrid features to mask the actual destination of any malicious links.

Screenshot of one of the phishing emails seen by Netcraft in the campaign. 

The criminals behind the campaign used SendGrid’s click-tracking feature, with the malicious link masked behind a tracking link hosted by SendGrid. As the actual destination link is encoded in a URL parameter, even technically savvy recipients cannot determine its destination without following it.

https://u684436[.]ct[.]sendgrid.net/ls/click?upn=MlKqR181cN-2FwVofVyYroZohPHYCFmcOANwhWCUdTCBwPOc8txaiCuzTlogC05KN3LNFQ-2BuY0GGAqsU1nral07J5ZAzdZaZBAuJ7sV0-2BXHfumQD5I7-2FksS6M-2Bkp-2BkG47JcUbzDR8JwfwRM53-2BjxY8Q39KSfdEFQ9435uyTBM5TtspkyY3jUnvibv5C-2BopzMIluG2QhFh3lCZT2E5thEQQlvnZzjigw0zd2QIpDJ1mDMyGAOP9FKPeH-2BubdRj8uMW7TYzi-2FryttpaWt-2FacBOIgmTucX37Bpzwo8hDwYWOfxtiszu0DQpSrDO3oXpdkl-2B4s7wZAW0B-2FGDFBUzYJTXj74HRI9K2dpGobo82sm-2BazB2pF4rB-2BmwcxWwFL-2FpuLyZHB39O28qMVDOVLLbjWvpdUCCWXeMbVjwqJJJ-2FJJcfiX9cVoMVr52N2vZshdxGLBhIHeg5gMDA8qUev9sXguFrcp8VNlV-2FhMxARF1RUvbSCJCUd-2Faf2xJXq65WP0ikjyx7BLg1hmUr3QcV9IstauGE08g-3D-3DmcLN_IrVKFt61B0RSPoIcLeWyNg52nFk05lKq9QPi-2FlqEDp6KgcjnqupRcHzKcBBn7PVo8-2BxeSCeDL5jOu-2Bx5wws5UKOwmCQCTy6wc-2FTAihp-2FZilUgXpstXJftrsxyCzWfWHkMtlCi92uoep-2BB-2BEJJpbK-2BlDe4wqa-2FR0sOOAlwWz6aTEHqnEACadwVCrFtoPCBG68mO0yF5ItaBS0v1i7sukWtkhsoqWJbxt7FUowSScDsyM-3D

Examining the email headers reveals that the phishing emails are sent using SendGrid’s infrastructure:

Received: from s.wfbtzhsv.outbound-mail.sendgrid.net (s.wfbtzhsv.outbound-mail.sendgrid.net [159.183.224.104])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
     key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
    (No client certificate requested)
    by REDACTED (Postfix) with ESMTPS id 684BCE1862
    for <REDACTED>; Tue, 12 Dec 2023 18:49:17 +0000 (UTC)

SendGrid advertises an “industry-leading 99% delivery rate”. With even legitimate companies sometimes struggling to deliver emails to users’ inboxes successfully, it is easy to see how using SendGrid for phishing campaigns is attractive to criminals.

One giveaway indicates that the emails are not legitimate: while the campaign uses SendGrid’s email servers, the “From:” addresses do not use SendGrid’s domain name. Instead, the emails are sent from a variety of unrelated domain …

February 7, 2024

Behind the Firewall: Understanding and Mitigating Insider Threats

In today’s digital landscape, organizations face an unprecedented number of cybersecurity challenges, with one of the most insidious being insider threats. Although such incidents may not be headline-grabbing, they are no less dangerous to the organization when they do occur. Insider threats are particularly challenging because they originate from within the organization itself, often involving […]

The post Behind the Firewall: Understanding and Mitigating Insider Threats appeared first on TCDI.

February 1, 2024

6 Security Features to Protect Your Windows From Burglars

Ensuring the safety and security of your home is not just about peace of mind; it’s also about creating a space that feels truly secure and protected from potential threats. Windows are critical points in home and business security that demand our attention. In this article, we’ll cover several effective strategies to fortify your windows […]

February 1, 2024