
WETRANSFER VS MINBOX HOW TO
Like how to send large files to your friends and family? Is there any Indian file transfer app available online to share files? If the size of the file exceeds 1 GB, then which online file transfer app to use? If you are one of those users who are stuck with such questions, then read it till the end to get the solution.
WETRANSFER VS MINBOX VERIFICATION
Recent research unveiled at Black Hat this month indicates there could be as many as 18 different methods to mislead common email verification checks like Domain Keys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC). Whereas in the previous scenario the attacker simply changed the personal name, leveraging, here the attacker has manipulated the headers to actually make the email appear to come from the WeTransfer domain. However, it still set off over a dozen models, again prompting Antigena to lock links and hold the email back.įigure 4: An interactive UI snapshot of the second email This email was more sophisticated and even more convincing, appearing to come from the legitimate WeTransfer domain. Incident twoĪ second incident leveraging WeTransfer’s name was detected just a week later at a law firm in Europe. These, and other characteristics, of the URL gave Darktrace’s AI reason to tag this email with the ‘Suspicious Link’ tag, prompting Antigena Email to double lock the offending link and hold the message back from the recipient’s inbox. The AI also recognized that neither the employee in the accounting department nor anybody else in the organization had previously visited the domain in question, and deemed this email as 100% anomalous. It would be highly unusual for WeTransfer to link to SharePoint – a direct competitor – in their emails.
WETRANSFER VS MINBOX PASSWORD
If a user entered their username and password in an attempt to access this ‘invoice’, the malware would harvest their credentials and send them to the attacker.įigure 3: Antigena Email’s dashboard reveals key metadata behind the emailĬritical for Antigena Email’s detection of this attack was that the email contained an anomalous link. Hidden behind a button reading ‘Get your files’ was a webpage that contained malware but displayed a login page. The subject line of this email – “We sent you an invoice via WeTransfer” – is typical of a solicitation attack.

This email was directed at an employee in the accounts department of a financial services organization in the APAC region.įigure 1: An interactive snapshot of Antigena Email’s user interface

We’ve seen similar attacks recently with both QuickBooks and Microsoft Teams. This is a common technique deployed by attackers, who find success in masquerading behind the trusted brand of well-known SaaS vendors.

These attacks attempt to deploy malware into the recipient’s device and further infiltrate an organization. In recent months, Antigena Email has seen a surge in email attacks claiming to be from file sharing site WeTransfer.
