New Ghost Phishing Wave Is Breaking Traditional Email Security
Summary
A new "ghost phishing" technique is bypassing traditional email security by keeping malicious pages hidden until they decrypt within the victim's browser. This "EvilTokens" campaign is targeting businesses in the US and Europe, posing a significant risk to Microsoft 365 access and sensitive data.
IFF Assessment
FOE
This phishing technique represents a new and evasive threat that can bypass standard security measures, making it harder for defenders to protect their systems.
Defender Context
Defenders need to be aware of evolving phishing tactics that can circumvent traditional URL filtering. Organizations should focus on user education regarding suspicious content and consider implementing more advanced email security solutions that can detect dynamic or multi-stage attacks.