Drag-and-Drop-and-Deceive: Build Your Own Phishing Site
Successful Account Takeover (ATO) leading to Lateral Phishing bypassing SEGs.
What is the attack?
Lateral Phishing: Successful Account Takeover (ATO) allowed attackers to distribute an internal email to users within the organization, including a link to an online form.
Online Form: The form solicits sensitive information such as names, phone numbers, email addresses, passphrases, and birthdates.
Why did it get through?
Verified Source: Email sent from a domain that passed sender authentication checks.
Lateral Phishing: Email sent between internal users within the same organization.
Legitimate Hosting: The website was designed and hosted by Wix, a legitimate cloud-based website design service, lending the site an air of credibility.
What is required to solve for this attack?
Content Analysis and Natural Language Processing: Abnormal understands the context, content, and tone of the message and is able to infer that it solicits user credentials.
Behavioral Analysis: Abnormal uses behavioral analysis and normal communication patterns within the company to flag suspicious and risky communication.
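
Because the message is internal, passes sender authentication, and links to a legitimately hosted site, detection has to rest on content and sender behavior. The following is an added illustration of that idea, not Abnormal's detection logic or code from the original page; the host suffixes, term list, thresholds, baseline structure and sample messages are all assumptions constructed for the example.

```python
import re
from urllib.parse import urlparse

# Assumptions for illustration: the page names Wix; suffixes and terms are not exhaustive.
SITE_BUILDER_SUFFIXES = ("wixsite.com", "wix.com")
SOLICIT_TERMS = re.compile(
    r"\b(password|passphrase|birth ?date|date of birth|phone number|confirm your)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def hosted_on_site_builder(url):
    """True if the URL's host is, or is a subdomain of, a listed site builder."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == s or host.endswith("." + s) for s in SITE_BUILDER_SUFFIXES)

def score_message(msg, baseline, org_domain):
    """Return (score, reasons) for one internal-to-internal message."""
    reasons = []
    addrs = [msg["from"]] + msg["to"]
    if not all(a.lower().endswith("@" + org_domain) for a in addrs):
        return 0, reasons  # external mail is out of scope for this sketch
    # Content signal 1: link to a page on a free site-builder host.
    if any(hosted_on_site_builder(u) for u in URL_RE.findall(msg["body"])):
        reasons.append("link to site-builder hosted page")
    # Content signal 2: the body asks for the data types the form collects.
    if SOLICIT_TERMS.search(msg["body"]):
        reasons.append("asks for sensitive personal data")
    # Behavioural signal: fan-out well above this sender's history,
    # mostly to people the sender has not mailed before.
    usual = baseline.get(msg["from"].lower(), {"max_recipients": 0, "known": set()})
    unknown = [r for r in msg["to"] if r.lower() not in usual["known"]]
    if (len(msg["to"]) > 3 * max(usual["max_recipients"], 1)
            and len(unknown) > len(msg["to"]) / 2):
        reasons.append("recipient fan-out far above sender baseline")
    return len(reasons), reasons

# Constructed sample data (not taken from the page).
BASELINE = {"pat@example.com": {"max_recipients": 3, "known": {"lee@example.com"}}}
PHISH = {"from": "pat@example.com",
         "to": [f"user{i}@example.com" for i in range(20)],
         "body": "Please confirm your phone number and passphrase here: "
                 "https://constructed-example.wixsite.com/form"}
BENIGN = {"from": "pat@example.com", "to": ["lee@example.com"],
          "body": "Notes from today: https://intranet.example.com/notes"}

if __name__ == "__main__":
    for m in (PHISH, BENIGN):
        print(score_message(m, BASELINE, "example.com"))
```

No single signal is decisive on its own; the point is that all three remain available when authentication and domain-reputation checks pass.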