Email protection firm Armorblox recently identified a credential theft phishing attack targeting over 20,000 users at a national institution within the education industry. The attack leveraged several common techniques to convince the user that the email and linked login page were legitimately associated with Instagram. This example takes advantage of human nature in the same way as several abuse-of-trust attacks we’ve detailed previously in this blog.
The initial email sent by the attackers contained the Instagram and Meta logos and utilized URLs containing the word “Instagram” to take advantage of users’ trust of the Instagram and Meta brands as a lure for the user to log in and “secure your account”. Because the email utilized URLs that could appear legitimate, and because the lure email looked legitimate and was free of spelling and grammar errors typically used to spot phishing emails, several techniques taught by cybersecurity training programs would be ineffective at getting users to report the email as a phishing attack. ...read more!
