Cisco ha Updated its engine dedicated to the detection of brand supplantation in mail messages electronic, with new capabilities that expand their coverage level. The improvement made by the company is a response to the increase in the use of threats distributed through attached PDF files to mail messages.
In addition, these novelties also reinforce the level of security against new social engineering techniques. The improvements arrive from Cisco Talos, the Cisco cyberinage area, which has detected a notable increase in recent months in attacks that use PDF files to deceive their possible victims and make them go to false websites, or make them believe that it has to call numbers controlled by cybercriminals.
This technique is known as phishing by calling the call, or telephone-eraned Attack Delivery (TOAD). To perform it, the attackers very frequently use VoIP call technology, with the aim of maintaining their anonymity, but also to hinder their tracking.
As observed in Cisco Talos, the numbers used to make these attempts of attacks are subsequently reused for several days in a row. The ultimate goal of these reuses is unknown, although they are likely to be carried out to maintain the coherence of the attack, reduce costs or facilitate different logistics operations.
On the other hand, an increase in the abuse of the Adobe electronic signature platform has also been detected, in order to distribute malicious PDFs that supplant known brands, such as PayPal. This adds an additional level of sophistication to the threat, since the PDFs are presented as a legitimate document within the normal flow of digital signatures.
But the manipulation of this type of files represents a new evolution, also worrying, in Phishing strategies. This makes Analyze the content integrated in the documents is more complicated. In addition, they use additional channels to the most commonly used to attack, such as telephone calls, it is necessary to use more advanced defense solutions.
