Inside SendGrid's phishy business. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

News, Tech News, Daily News, Technology

4.8 • 1.1K Ratings

🗓️ 16 March 2024

⏱️ 30 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Robert Duncan from Netcraft is sharing their research on "Phishception - SendGrid abused to host phishing attacks impersonating itself." Netcraft has recently observed that criminals abused Twilio SendGrid’s email delivery, API, and marketing services to launch a phishing campaign impersonating itself. Hackers behind this novel phishing campaign used SendGrid’s Tracking Settings feature, which allows users to track clicks, opens, and subscriptions with SendGrid. The malicious link was masked behind a tracking link hosted by SendGrid. Please take a moment to fill out an audience survey! Let us know how we are doing! The research can be found here: Phishception – SendGrid is abused to host phishing attacks impersonating itself Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. Hello everyone and welcome to the CyberWire's research Saturday.
1:27.0	I'm Dave Bitner and this is our weekly conversation with researchers and analysts tracking
1:32.2	down the threats and vulnerabilities,
1:34.3	solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.
1:40.2	Thanks for joining us. This particular attack came to our attention because it combines so many interesting tactics that have been used to cloak the attack and it's
1:58.6	pretty notable in the sense that it's using the infrastructure of the provider itself that it's impersonating.
2:07.0	That's Robert Duncan, VP of Product Strategy at Netcraft.
2:12.0	The research we're discussing today is titled Fishception
2:15.2	Send Grid Abused to host fishing attacks impersonating itself. And that's a very effective tactic because it makes it really difficult for a victim to tell the difference between a message that they've received or an email that doesn't really originate with that provider but by all intents and purposes or by all intents and purposes, or for all intensive
2:44.2	purposes, that is indistinguishable.
2:47.8	It's really how to tell the difference between the real and the fake, and we walk through this particular attack.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.