Contact Us; Phish You!
Threat actors are pesky and, once again, they’re up to no good. A new methodology has schemers compromising online forms where users submit their information like their names, email addresses, and, depending on the type of site, some queries relating to their life. This new method indicates that the attackers have figured out a way around the CAPTCHA’s that have been making us all prove we’re not robots by identifying fire hydrants since 1997. And what’s more, we’re not quite sure how they’ve done it.
In this episode, hosts Natalia Godyla and Nic Fillingham sit down with Microsoft threat analyst, Emily Hacker, to discuss what’s going on behind the scenes as Microsoft begins to dig into this new threat and sort through how best to stop it.
In This Episode You Will Learn:
- Why this attack seems to be more effective against specific professionals.
- Why this new method of attack has a high rate of success.
- How to better prepare yourself for this method of attack
Some Questions We Ask:
- What is the endgame for these attacks?
- What are we doing to protect against IceID in these attacks?
- Are we in need of a more advanced replacement for CAPTCHA?
Resources:
Investigating a Unique ‘Form’ of Email Delivery for IcedID Malware
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
