Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Researchers believe cybercriminals are using a tool dubbed Email Appender to directly connect with compromised email accounts via IMAP.
1 Min Read
A newly detected wave of spam emails is bypassing transport layers and landing in mailboxes, Vade Secure researchers report.
This campaign sent 300,000 spam messages to a single customer in one day and has been seen in France, Italy, Denmark, and the United States. Researchers suspect the attackers are using a tool called Email Appender, which is available on the Dark Web and can be used to connect with compromised email accounts via IMAP.
Email Appender, first reported in October, lets attackers validate compromised email credentials they steal or buy on the Dark Web. They can use the tool to configure a proxy to avoid IP detection, draft a malicious email, and deliver spam straight into a user's account. Attackers can customize their malicious emails to include the display name of the sender's address and provide a reply-to address.
Researchers say this incident is being addressed by shutting down compromised accounts and resetting affected credentials. They note while this incident mostly delivers spam, it's a sign attackers are practicing the new technique before using it to distribute phishing and malware campaigns.
Read Vade Secure's blog for more details.
About the Author(s)
You May Also Like
More Insights
Webinars
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
