A new type of phishing attack uses server-analyzed HTML as a base for its cyber attack. The attack comes through a rejection of links in emails that are sent to many users who are instantly redirected to a malicious site. Once there, the site requests confidential information from the user.
Tomas K, senior design manager at Mimecast, said that “This is a seemingly conventional attachment redirecting unsuspecting users to a malicious site, but it does teach businesses a big lesson. This method works. This is a huge challenge for organisations who are trying to do everything they can to keep their systems safe. “
This type of phishing targeted the UK (55%), Australia (31%) and South Africa (11%), primarily the financial market, accounting and higher education sectors. The Mimecast command used threat information to generate code identifying each email message containing that particular SHTML. In doing so, the Mimecast gateway can identify and intercept any email using this specific phishing attack. In the two months since the defense began, more than 100,000 users have been protected from this phishing attack, saving them from possible financial losses.
A Mimecast report on the threat reports that “Phishing is the most common problem. In companies, it ‘s important to train employees so they can detect a malicious email as soon as it arrives in their inbox.