Hundreds of organizations have been compromised in attacks involving the exploitation of legitimate URL protection services for malicious email link concealment as part of a phishing campaign that commenced in May, reports SC Media.
Hacked business accounts with URL protection services may have been used by threat actors to enable the intrusions, which involved the distribution of phishing emails with fraudulent DocuSign documents and password reset alerts redirecting to malicious sites, an analysis from Barracuda revealed.
The findings should prompt organizations to leverage email security software with various defense layers to protect themselves from possible compromise, according to Barracuda.
Such findings come after a Resecurity report in February that detailed the utilization of Google Cloud and other public cloud services to facilitate phishing kit hosting and legitimate URL generation.
Attackers were also previously reported by Cofense to have been increasingly exploiting LinkedIn Smart Links to enable compromise without being detected by email security services.