Overview Web phishing is one of the attack methods most frequently used by attackers. In a phishing attack, the attacker creates a fake website that imitates a legitimate website. This fake website is usually used to steal sensitive information from victims, such as login credentials, credit card information, and others.
A common perception is that phishing websites always use the HTTP protocol. However, is that really the case? Do phishing websites never use the HTTPS protocol?
What Is a Credential Attack? A credential attack or credential-based attack is a hacking attempt to take over someone’s account by stealing a username and password. Usually this is done through techniques like phishing, credential stuffing, and brute force.
Simply put, attackers spy, guess, or try thousands of password combinations to get into your account. After that, they can access all the data inside it, such as email accounts, social media accounts, game accounts, and even banking …
Why Is Validating SPF, DKIM, and DMARC Important? If you have already configured SPF, DKIM, and DMARC in DNS, don’t immediately assume everything is secure. An invalid configuration can cause emails to go into the spam folder or even be rejected by the receiving server. That’s why validation is very important to ensure the configuration you created actually works.
If you are still confused about what SPF, DKIM, and DMARC are, you can read the article Email DNS Security Configuration …
This is actually an old case that went viral last year. While browsing Facebook, I frequently encountered sponsored job advertisements claiming to be from well-known companies — especially in mining, factory, and other blue-collar sectors — such as PT Epson, PT Unilever, PT Indofood, and other major corporations.
These ads direct applicants to register online by filling out personal information such as:
Full name Address Phone number National ID number And other personal details Unfortunately, …
Introduction Phishing is an attack carried out by influencing someone to provide personal or confidential information. This attack is usually conducted by sending fake emails that resemble official emails from certain companies or organizations. In a phishing attack, the attacker attempts to obtain sensitive information such as username, password, and even credit card information.
As an organization that is aware of information security, it is important for us to conduct phishing simulations …
Email is one of the most widely used communication methods, but it is also vulnerable to attacks such as spoofing, phishing, and spam. Therefore, implementing SPF, DKIM, and DMARC is very important to improve the security of the email we own. The following is a configuration guide for SPF, DKIM, and DMARC to improve email security.
Sender Policy Framework (SPF) What is SPF? Sender Policy Framework or SPF is an email authentication mechanism that allows a domain to determine which servers are …
What is mshta.exe? mshta.exe is a Windows file system utility used to run Microsoft HTML Application (.HTA) files. This program allows the execution of VBScript or JScript-based scripts, making it a useful tool for administrators but also a tool that is often abused by threat actors.
Why is mshta.exe often used by Threat Actors? Threat Actors frequently abuse mshta.exe to execute malicious code in order to avoid detection by antivirus or other security solutions (EDR). Some reasons why mshta.exe …
