The post Beware FishXProxy, the Ultimate Phishing Kit appeared first on Digital IT News.
]]>The developers of FishXproxy claim their toolkit was created for educational uses, but it clearly appears designed for malicious purposes. The product banner promotes FishXProxy as the “#1 Most Powerful Reverse Proxy for Phishing” with support for multiple platforms including “Gmail, QuickBooks, Office, Outlook, Yahoo, Dropbox, OneDrive… and more!”
The FishXProxy kit can overcome many technical barriers traditionally associated with phishing campaigns with clever tactics that make it easier for cybercriminals to slip through security defenses undetected. These campaigns are usually launched through uniquely generated web links or dynamic attachments to avoid initial detection. FishXProxy then further eludes security protections with advanced features such as antibot configurations, Cloudflare Turnstile integrations, page expiration settings, and more.
FishXProxy has been promoted on XSS, Breach, and Telegram, as well as in private communities that are invite-only. The kit enables attackers to quickly create realistic phishing pages that mimic a wide range of services including popular email providers, financial institutions, and other platforms that require specific user credentials. Such adaptability enables attackers to effectively target multiple platforms and achieve higher success rates.
Perhaps most concerning for security teams, FishXProxy is designed to be extremely user-friendly. The tools require minimal technical skills by simplifying all the steps needed to conduct sophisticated phishing attacks. The kit’s automated installation process, straightforward interface, and comprehensive documentation system make FishXProxy an ideal tool for inexperienced hackers who lack coding experience.
The goal of FishXProxy is to convince users to give up their credentials, and this goal is achieved through a multilayered antibot system. By building in deep layers of code, FishXProxy makes it hard for automated scanners and human researchers to recognize the underlying phishing motives behind the sites created by the kit.
Attackers can mask their intentions through bad links, malicious attachments, and even Cloudflare CAPTCHA antibot systems. And because the kit integrates with Cloudflare, it reflects an enterprise-grade infrastructure that appears to support legitimate web operations to unaware users.
In addition, FishXProxy uses a cookie-based tracking system that enables attackers to follow users across different phishing channels. In turn, such micro-targeting of individuals leads to more convincing campaigns and more persistent attacks. By tracking users across diverse campaigns, attackers have adopted FishXProxy to conduct more prolonged, multi-stage operations. Consistent cookie-naming rules across different phishing sites allow attackers to develop powerful profiles that identify repeat visitors, and then tailor future phishing content based on previous likes and interactions.
SlashNext Email Security researchers have already seen the techniques associated with this phishing kit in operation on a regular basis. Users should be aware of several signs of phishing attempts such as unusual URLs, unexpected CAPTCHA challenges, a sense of urgency or pressure in the messaging, inconsistencies in design or grammar, or unexpected email attachments, especially those containing HTML files.
Everyday users can help defend themselves from such phishing attacks by adopting multi-factor authentication (MFA), making regular updates to software and operating systems, and engaging in security awareness training. Other steps include employing email filtering, using secure browsers with phishing protections, and utilizing password managers to ensure that users only enter credentials on legitimate sites.
Of course, it remains critical to provide regular security training for employees to recognize the latest phishing threats, and maintain strong authentication protections to guard against credential thefts. Yet to stand up truly resilient security safeguards against such sophisticated multi-layered attacks, organizations will also need to deploy their own multi-layered solutions. In this environment, the only viable security option is to build in real-time threat detection across all channels spanning email, web, mobile, messaging, and collaboration apps.
To learn how SlashNext can help prevent FishXProxy cybercriminals within your organization, visit the website here.
Related News:
SlashNext’s Project Phantom Launched to Thwart Obfuscation Techniques
Executive Protection Service Launched by SlashNext
The post Beware FishXProxy, the Ultimate Phishing Kit appeared first on Digital IT News.
]]>The post SlashNext’s Project Phantom Launched to Thwart Obfuscation Techniques appeared first on Digital IT News.
]]>“Over 60% of malicious URLs delivered via email are protected by CAPTCHA, which is why we developed Project Phantom. This unique technology to detect these threats before they compromise users,” said Patrick Harr, CEO, SlashNext. “Our patented Zero-Trust Stealth Mode Browsers behave exactly like a human user, interacting with CAPTCHAs to access phishing and other malicious content hidden behind these barriers for AI analysis. As a result, we uniquely detect and block these threats that others routinely miss.”
No technology is free of unintended consequences, as the cybersecurity community knows all too well. In recent years, well-intentioned companies offering free services such as CAPTCHA solutions and content delivery networks have inadvertently become tools that aid threat actors. For example, Cloudflare’s Turnstile Services and similar CAPTCHA solutions, which are designed to improve user experience and verify human interactions, are commonly exploited as obfuscation techniques. CAPTCHAs are used to block crawlers employed by security services from accessing and analyzing phishing sites.
With our Zero-Trust Stealth Mode Browsers, SlashNext can bypass obfuscation techniques employed by CAPTCHA services from Cloudflare, Google, and others. Additionally, these browsers uniquely uncover advanced threats hosted on trusted services like SharePoint, Google, Microsoft, and Adobe—constituting 50% of the threats SlashNext detects daily.
Leveraging SlashNext’s Proactive AI, SlashNext detonates over 200 million URLs per day from various sources, such as newly registered domains, spam traps, ad networks, and customers. By applying cutting-edge techniques like computer vision, NLP, DOM inspection, and nested link analysis, SlashNext preemptively detects over 800,000 new URL threats daily. This combined approach enables SlashNext to identify 99.99% of URL-based threats with near-zero false positives, offering a critical 48-hour detection advantage over conventional methods.
Cybersecurity professionals are invited to observe the results first-hand of SlashNext’s Project Phantom browsers as they secure users’ email and browsers from phishing URLs. The URL scanning tool can also be a powerful analysis tool for security analysts and researchers alike.
To learn more about Project Phantom, visit the website here.
Related News:
Executive Protection Service Launched by SlashNext
Spam and Graymail Detection Established by SlashNext Powered by GenAI
The post SlashNext’s Project Phantom Launched to Thwart Obfuscation Techniques appeared first on Digital IT News.
]]>The post Executive Protection Service Launched by SlashNext appeared first on Digital IT News.
]]>“AI-generated phishing and social engineering attacks targeting executives and high value employees has grown exponentially since the release of ChatGPT,” said Patrick Harr, CEO of SlashNext. “Our Executive Protection Service fights AI with AI and ensures organizations of any size can protect their most targeted individuals against advanced phishing, social engineering and cybercrime threats responsible for the vast majority of successful ransomware, financial fraud and data breaches.”
SlashNext’s Executive Protection Service offers unparalleled security for designated employees, including Board Directors, Executive Officers (e.g., Section 16 Officers defined in The Securities Exchange Act of 1934), Accounts Payable, HR, and other business leaders. The service provides complete protection against sophisticated attacks in:
The Executive Protection Service integrates directly into corporate and personal email, messaging and communication apps used by executives and high value targets and is backed by a 100% guaranteed privacy policy ensuring that communication is strictly secure and private.
“With the launch of its Executive Protection Service, SlashNext is addressing a critical need in the cybersecurity landscape,” said Ken Buckler, Research Director, Security and Risk Management, at Enterprise Management Associates (EMA). “High-value employees are prime targets for cybercriminals, and this innovative solution offers them robust, multi-channel protection. Integrating email, mobile, and browser security as a service that is both simple and fast to deploy keeps organizations and their most valuable assets safe.”
To learn more about SlashNext’s Executive Protection Service, visit the website here.
Related News:
Spam and Graymail Detection Established by SlashNext Powered by GenAI
Mid-Year Assessment on The State of Phishing Report Released
The post Executive Protection Service Launched by SlashNext appeared first on Digital IT News.
]]>The post Mid-Year Assessment on The State of Phishing Report Released appeared first on Digital IT News.
]]>Fueled by AI-generated attacks, the Mid-Year Assessment revealed a 341% increase in malicious phishing link, BEC, QR Code and attachment-based email and multi-channel messaging threats in the last six months alone. This was on top of a staggering 856% increase in malicious email and messaging threats over the prior 12 months. And, since the launch of ChatGPT in November 2022, there has been a 4,151% increase in malicious phishing messages sent.
“Humans have been, and will continue to be, the weakest point in any organization’s security,” said Patrick Harr, CEO, SlashNext. “There is a reason threat actors continue to iterate on tactics like phishing that have been around for decades – they are highly effective. According to Verizon’s 2024 Data Breach Investigations Report, humans are increasingly falling for phishing attacks and it now takes a median time of only 21 seconds for a user to click on a malicious link, and only another 28 seconds to then enter their personal data. We know from our research these attacks are getting a boost from generative AI tools that are readily available. Threat actors are using gen AI to customize messages for their victims, write more convincing messages, and dramatically accelerate the speed and volume of these attacks with little to no added cost.”
In looking at specific threat types, SlashNext Threat Labs found a 217% increase in credential harvesting phishing attacks and a 29% increase in BEC attacks in the last six months. Losses due to BEC attacks exceeded $2.9B in 2023, at an average cost of $137,000 per BEC incident, according to the recent FBI IC3 Report. In addition, mobile phones have emerged as the most utilized and vulnerable communications channel, with 45% of all mobile threats now being reported as SMS smishing attacks.
CAPTCHA-based attacks, particularly using CloudFlare, are also on the rise and they are being used to mask credential harvesting forms. Attackers are generating thousands of domains and implementing CloudFlare’s CAPTCHAs to hide credential phishing forms from security protocols that are unable to bypass theCAPTCHAs.
“Leveraging legitimate services like Microsoft Sharepoint, AWS, and Salesforce to hide phishing and malware is another favorite tactic employed by threat actors because it preys on users’ trust in these tools,” continued Harr. “In addition to CAPTCHA-based attacks, QR code-based attacks are growing in popularity and now comprise 11% of all malicious emails – often embedded in legitimate infrastructures. The onus should not be on users to identify and avoid sophisticated attacks, especially when the research proves that relying on training and traditional cybersecurity tools is ineffective against modern attack tactics. It’s time to fight AI with AI and implement AI-powered email and messaging security tools that keep malicious messages out of users’ inboxes altogether.”
To counter the growing sophistication of these cyberattacks, the SlashNext advanced gen AI security platform is specifically engineered to identify, anticipate and block complex BEC threats, phishing, and ransomware. Utilizing generative AI, natural language parallel prediction, computer vision, relationship graphs, and contextual analysis, the platform achieves an industry-leading detection rate of 99.99%.
Download the full 2024 Mid-Year Assessment to The State of Phishing report.
Related News:
Spam and Graymail Detection Established by SlashNext Powered by GenAI
15 Security Predictions for 2024
The post Mid-Year Assessment on The State of Phishing Report Released appeared first on Digital IT News.
]]>The post Spam and Graymail Detection Established by SlashNext Powered by GenAI appeared first on Digital IT News.
]]>Since the launch of ChatGPT, the SlashNext Threat Labs team has observed a 1,265% increase in malicious phishing emails. The FBI warns in its recent IC3 report that losses due to BEC in 2023 exceeded $2.9B, with an average cost of $137K per BEC incident. The availability of generative AI platforms like ChatGPT is enabling cybercriminals to launch sophisticated email-based attacks quickly and in greater volume than ever before. As a byproduct, spam and graymail volumes have increased as well, which amplifies the burden placed on SOC teams who are left to manage the influx in emails reported by users for investigation.
“SlashNext was the first to fight generative AI attacks with generative AI protection,” said Patrick Harr, CEO of SlashNext. “In 2023, we launched the industry’s first generative AI solution for Business Email Compromise (BEC) to thwart advanced supply chain, executive impersonation, financial fraud, and other socially engineered attacks. Now, we are extending this same generative AI capability to detect and block unsolicited spam and graymail, further reducing risk and enhancing the productivity of both individual users and SOC teams.”
SlashNext GenAI for Spam and Graymail improves user productivity by keeping their inboxes clean and free of spam and unsolicited emails that they otherwise would likely report to their SOC teams for investigation. This in turn reduces the burden on SOC teams who now receive fewer alerts and investigation requests. With an intuitive executive dashboard and executive summary report, CISOs can easily demonstrate the value of SlashNext GenAI for Spam and Graymail. The dashboard and reporting capabilities provide clear insights into the value delivered by showcasing metrics such as “User Productivity Hours Saved” and “SOC Analysts Time Saved.”
Unlike other email security solutions that use primary signatures and policies, SlashNext GenAI for Spam and Graymail is based on a proprietary generative AI LLM. Because of this approach, it also seamlessly integrates with Microsoft and augments Microsoft Defender for Office 365. This pairing provides customers with the strongest “better together” defense in depth strategy available.
SlashNext GenAI for Spam and Graymail is available now. Learn more about SlashNext’s patented generative AI security technology for spam and graymail detection here.
Related News:
15 Security Predictions for 2024
OAuth Implementations Security Flaws Remedied with Salt Security
The post Spam and Graymail Detection Established by SlashNext Powered by GenAI appeared first on Digital IT News.
]]>