CyberheistNews Vol 14 #25 Microsoft and KnowBe4 Collaborate on Ribbon Phish Alert Button for Outlook


CyberheistNews Vol 14 #25  |   June 18th, 2024


Microsoft and KnowBe4 Collaborate on Ribbon Phish Alert Button for OutlookStu Sjouwerman SACP

Rising phishing assaults are a continuing menace to organizations, making it essential for customers to report suspicious emails.

This observe not solely helps in figuring out and mitigating potential threats, but in addition performs a major position in educating and creating consciousness amongst workers.

The significance of reporting suspected phishing emails can’t be overstated, because it acts as a final line of protection in opposition to cyber threats. Nonetheless, the method of reporting phishing makes an attempt has not all the time been easy.

One of many main problems with reporting phishing emails is the dearth of a standardized button throughout totally different e mail platforms and safety options. Varied distributors supply their very own reporting buttons, every with its personal placement and performance.

This inconsistency results in a fragmented person expertise, making it difficult for workers to shortly and effectively report suspicious emails. Moreover, the presence of a number of reporting buttons may end up in confusion and even false positives, which might overwhelm safety groups with pointless alerts.

Recognizing these challenges, KnowBe4 has collaborated with Microsoft to combine a standardized customizable reporting button immediately into Microsoft Outlook known as the Microsoft Ribbon Phish Alert Button. This partnership goals to streamline the method of reporting phishing emails, offering a constant and user-friendly expertise throughout the Outlook platform.

The Collaboration with Microsoft

Through the current Microsoft Construct convention, Sam Ramon, a technical author from the Workplace Platform Staff, introduced a number of important updates to the Outlook add-in house. Amongst these updates was the introduction of a brand new built-in spam reporting function, developed in collaboration with KnowBe4.

This function is designed to reinforce the safety consciousness coaching and simulated phishing capabilities supplied by KnowBe4. Brandon Smith, Product Supervisor at KnowBe4, [VIDEO link in blog post] highlighted the advantages of this collaboration throughout his presentation.

The brand new spam reporting add-in for Outlook goals to supply an enhanced safety expertise by making the phishing reporting course of extra accessible and environment friendly for customers. This integration ensures that the spam reporting button is conveniently positioned within the Outlook ribbon, all the time inside attain for customers to report suspicious emails with only a single click on.

Key Options and Advantages

  • Constant Person Expertise
  • Environment friendly Reporting
  • Enhanced Safety
  • Collaboration and Innovation
  • Seamless Integration

Microsoft Ribbon Phish Alert Button Product Guide

From our Information Base: The Microsoft Ribbon Phish Alert Button (PAB) permits your customers to simply report suspicious emails and assist defend your group from cyberattacks. If you combine the PAB with Microsoft’s built-in spam-reporting function, the PAB will seem within the Outlook ribbon.

When your customers click on the PAB to report an e mail, they’ll present your IT crew with an early warning about potential threats. You possibly can obtain reported emails within the Microsoft 365 Defender platform and the KSAT console. To discover ways to set up the Microsoft Ribbon PAB and the way your customers can use the PAB of their mail shoppers, see the Information Base Article. https://help.knowbe4.com/hc/en-us/articles/26106205842707-Microsoft-Ribbon-Phish-Alert-Button-Product-Guide

Trying Forward

The introduction of the Microsoft Ribbon Phish Alert Button marks a major step ahead within the battle in opposition to phishing assaults. As extra organizations undertake this answer, the benefit and effectivity of reporting phishing emails will undoubtedly enhance, main to raised menace detection and prevention.

Transferring ahead, KnowBe4 and Microsoft stay dedicated to refining and increasing this add-in. Future updates will seemingly embrace smarter analytics, deeper integration between platforms and extra options to additional improve the safety and person expertise.

The collaboration between KnowBe4 and Microsoft exemplifies the facility of innovation and teamwork in addressing the challenges of cybersecurity.

Weblog put up with hyperlink to Microsoft BUILD Convention Video:
https://weblog.knowbe4.com/microsoft-and-knowbe4-collaborate-on-phish-alert-button-for-outlook?

Rip Malicious Emails With KnowBe4’s PhishER Plus

Rip malicious emails out of your customers’ mailbox with KnowBe4’s PhishER Plus!

It is time to supercharge your phishing defenses utilizing these two highly effective options:

1) Mechanically blocking malicious emails that your filters miss
2) With the ability to RIP malicious emails earlier than your customers click on on them

With PhishER Plus you possibly can:

  • NEW! Detect and reply to threats sooner with real-time net fame intelligence with PhishER Plus Menace Intel, powered by Webroot!
  • Use crowdsourced intelligence from greater than 13 million customers to dam recognized threats earlier than you are even conscious of them
  • Mechanically isolate and “rip” malicious emails out of your customers’ inboxes which have bypassed mail filters
  • Simplify your workflow by analyzing hyperlinks and attachments from a single console with the CrowdStrike Falcon Sandbox integration
  • Automate message prioritization by guidelines you set and lower by your incident response inbox noise to answer probably the most harmful threats shortly

Be a part of us for a stay 30-minute demo of PhishER Plus, the #1 Chief within the G2 Grid Report for SOAR Software program, to see it in motion.

Date/Time: THIS WEEK, Wednesday, June 19, @ 2:00 PM (ET)

Save My Spot:
https://data.knowbe4.com/phisher-demo-3?partnerref=CHN2

Beware: Main AI Chatbots Now Deliberately Spreading Election Disinformation

Simply if you thought the disinformation panorama could not get any worse, a brand new report from Democracy Reporting Worldwide in Europe reveals that common AI chatbots have began deliberately spreading false data associated to elections and the voting course of.

The researchers examined the responses from chatbots like Google’s Gemini, OpenAI’s ChatGPT4, ChatGPT4-o, and Microsoft’s Copilot when requested frequent election-related questions throughout 10 European languages. Their findings? A regarding stage of disinformation being pushed out.

Because the report states, “We titled our last study ‘misinformation’…we have changed the category now to ‘disinformation,’ which implies a level of intent. Once a company has been made aware of misinformation but fails to act on it, it knowingly accepts the spread of false information.”

That is proper, these main firms are properly conscious their chatbots are offering inaccurate and deceptive details about voting processes, voter registration, mail-in ballots, and extra — but they’ve failed so as to add correct guardrails to the AI fashions. It is inexcusable. This doubtlessly undermines election integrity.

Some examples of the disinformation included:

  • ChatGPT supplies Irish voters with directions for a single outdated paper type, relatively than clarifying the assorted on-line/in-person choices based mostly on voter standing.
  • Copilot does not point out that Polish residents dwelling overseas can vote for his or her nation’s MEPs.
  • ChatGPT incorrectly tells Greek customers they should register to vote, when all residents are routinely registered.

OpenAI specifically has made zero efforts to stop its chatbots from spreading electoral disinformation, in keeping with the report. The researchers urgently suggest OpenAI “retrain its chatbots to prevent such disinformation.”

This cavalier angle from Huge AI is regarding as we head into main elections throughout Europe and the U.S. in 2024. Voters counting on AI assistants for steering could also be misled in ways in which may suppress turnout and trigger issues.

As specialists within the space, we should elevate consciousness with our clients and communities in regards to the risks of blindly trusting chatbot responses on civic processes.

Disinformation is a prime cybersecurity menace to organizations and democracies. Do not let your guard down — keep vigilant in opposition to rising AI-powered disinformation vectors like this. Verify any election directions by official .gov web sites and nonpartisan organizations.

New-school safety consciousness coaching empowers workers to suppose critically about AI output and spot potential disinformation purple flags. With the stakes for honest elections so excessive, preparedness is vital.

Weblog put up with hyperlink to EuroNews supply:
https://weblog.knowbe4.com/major-ai-chatbots-intentionally-spreading-election-disinformation

[NEW] Whitepaper: The Function of AI in E-mail Safety

As organizations have carried out e mail safety options and educated workers to acknowledge e mail assaults, menace actors have pivoted to extra superior strategies that bypass protections, specifically synthetic intelligence (AI).

In response, e mail safety distributors are utilizing AI of their defensive instruments to cease assaults that leverage new and rising assault strategies in e mail. Many organizations have gained AI-enabled protections by advantage of their incumbent e mail safety distributors, however to strengthen their defenses, they’re now purchasing for new options providing AI to bolster the baseline protections supplied by cloud e mail suppliers.

Learn this analysis to be taught:

  • How cybercriminals are leveraging AI to avoid conventional e mail safety instruments
  • How AI capabilities are enhancing detection efficacy
  • High AI-driven security measures IT patrons are prioritizing when evaluating e mail safety merchandise

Obtain Now:
https://data.knowbe4.com/wp-phisher-plus-ai-email-security-chn

DarkGate Malware Being Unfold through Excel Docs Hooked up To Phishing Emails

A phishing marketing campaign is spreading the DarkGate malware utilizing new methods to evade safety filters, in keeping with researchers at Cisco Talos.

“The DarkGate malware family is distinguished by its covert spreading techniques, ability to steal information, evasion strategies, and widespread impact on both individuals and organizations” the researchers clarify.

“Recently, DarkGate has been observed distributing malware through Microsoft Teams and even via malvertising campaigns. Notably, in the latest campaign, AutoHotKey scripting was employed instead of AutoIT, indicating the continuous evolution of DarkGate actors in altering the infection chain to evade detection.”

The malware is delivered through malicious Excel paperwork connected to phishing emails. The emails purport to come back from an organization’s CEO, and urge recipients to evaluation the connected paperwork as quickly as doable.

“Talos’ intent analysis of these emails revealed that the primary purpose of the emails primarily pertained to financial or official matters, compelling the recipient to take an action by opening the attached document,” the researchers write.

“The infection process begins when the malicious Excel document is opened. These files were specially crafted to utilize a technique, called ‘Remote Template Injection,’ to trigger the automatic download and execution of malicious contents hosted on a remote server.”

The researchers clarify that Distant Template Injection is a much less frequent tactic that is extra prone to go undetected by safety measures.

“Remote Template Injection is an attack technique that exploits a legitimate Excel functionality wherein templates can be imported from external sources to expand a document’s functions and features,” Cisco Talos says.

“By exploiting the inherent trust users place in document files, this method skillfully evades security protocols that may not be as stringent for document templates compared to executable files. It represents a refined tactic for attackers to establish a presence within a system, sidestepping the need for conventional executable malware.”

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/darkgate-malware-spread-via-phishing

[INFOGRAPHIC] 9 Cognitive Biases Hackers Exploit the Most

Cybersecurity isn’t just a technological problem, however more and more a social and behavioral one.

Folks, regardless of their tech savviness, are sometimes duped by social engineering scams, like CEO fraud, due to their familiarity and immediacy components.

Dangerous actors have the know-how to faucet into “mental shortcuts” generally known as cognitive biases and manipulate workers into compromising delicate data or programs.

Try this infographic, with examples of the highest cognitive biases hackers use probably the most:
https://weblog.knowbe4.com/infographic-9-cognitive-biases-hackers-exploit

Sinister “More_eggs” Malware Cracks Into Firms by Focusing on Hiring Managers

Job seekers, beware — cybercriminals have a nasty new technique to slide their malicious code on company networks. Researchers have uncovered a devious phishing marketing campaign that is distributing the highly effective More_eggs backdoor by disguising it as resume submissions for open roles.

That is proper, menace actors are exploiting one of the vital routine elements of hiring processes to launch crippling cyber assaults.

In response to the investigation, malicious actors are responding to job listings on LinkedIn and luring recruiters to faux web sites purporting to comprise candidate resumes. However trying to obtain the “resume” launches a malware an infection chain as an alternative.

The cybersecurity agency eSentire noticed one in all these assaults in Might concentrating on an industrial companies firm. The menace actor impersonated a job applicant and tricked a hiring supervisor into visiting their weaponized web site, the place a malicious Home windows shortcut file triggered the silent deployment of the More_eggs malware.

More_eggs is a pernicious modular backdoor able to harvesting delicate information, delivering further payloads, and giving menace actors full distant entry. It is a part of a Malware-as-a-Service operation run by felony teams like Golden Chickens, offering potent instruments to cybercriminal clientele.

These actors are well-versed in utilizing social engineering ways to spice up an infection charges. Earlier More_eggs campaigns have additionally used bogus job alternative lures on LinkedIn to trick professionals into downloading the malware. Leverage folks’s profession aspirations and want to land their dream job — it is a deviously efficient psychological ploy.

The an infection vector will get worse. The malicious resume obtain websites are designed to modify to displaying innocent HTML code after a time frame, erasing traces of the assault for unwitting victims. Brutal stuff geared toward staying undetected for so long as doable contained in the goal’s community.

This marketing campaign highlights why safety consciousness coaching for ALL workers, even non-technical roles like HR, is completely essential to blocking phishing and social engineering threats. One fallacious click on may doubtlessly compromise your total group.

Hiring managers want to stay hyper-vigilant about vetting job candidates and purported resumes, particularly these coming from sketchy web sites or e mail contacts. If one thing appears off, cease and get that resume file correctly scanned earlier than downloading it. Company safety insurance policies and finest practices should govern how recruitment groups deal with candidate supplies.

Ensuring your workers stays alert to those sneaky ways could possibly be the distinction between safely onboarding nice new expertise or unknowingly enlisting a malicious code operator onto your payroll. Give your defenses a abilities injection — ramp up your group’s safety consciousness coaching now to stomp out resume-themed threats.

KnowBe4 empowers your workforce to make smarter safety selections day by day. Over 65,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and scale back human danger.

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/sinister-moreeggs-malware-targeting-hiring-managers

Let’s keep secure on the market.

Heat Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: [BUDGET AMMO] Egress Report “CEOs, Cybersecurity Leaders, Stressed Out By Phishing”:
https://ceoworld.biz/2024/06/12/ceos-cybersecurity-leaders-stressed-out-by-phishing-egress-report/

Quotes of the Week  

“Life is short, Break the rules. Forgive quickly, Kiss slowly. Love truly. Laugh uncontrollably. And never regret anything that makes you smile.”
– Mark Twain – Creator (1835 – 1910)


“Peace is not an absence of war, it is a virtue, a state of mind, a disposition for benevolence, confidence, justice.”
– Spinoza – Thinker (1632 – 1677)


Thanks for studying CyberheistNews

You possibly can learn CyberheistNews on-line at our Weblog
https://weblog.knowbe4.com/cyberheistnews-vol-14-25-microsoft-and-knowbe4-collaborate-on-ribbon-phish-alert-button-for-outlook

Safety Information

Unmasking the Menace: Why Phishing Scams Are Surging in Japan

Japan has numerous Forbes World 2000 firms — greater than the UK, Germany and France mixed. Regardless of this financial energy, Japan faces an alarming and rising menace from phishing assaults, which is way worse than beforehand assumed.

In response to findings by Mailsuite, Japan is often focused by phishers, notably impersonating its main manufacturers. Telecom agency au by KDDI, as an illustration, has been exploited in 18,964 phishing scams since January 2020. One other often impersonated model is the Japanese fee service JCB, which has been utilized in 14,907 phishing scams.

Japanese specialists verify that these findings align with different analysis by Cloudflare and Vade. KDDI’s cellphone service identify, “au,” is commonly abused because of its similarity to the Australian ccTLD, fooling many into considering phishing emails are legit. Furthermore, different main manufacturers like practice firm JR East and retail franchise Aeon have additionally seen over 10,000 verified phishing scams every.

The issue has reached such an extent that 2023 noticed a file variety of phishing scams in Japan, surpassing the earlier annual file for unauthorized cash transfers inside simply six months. The pattern has prolonged into 2024 and Hisashi Arai from KDDI’s UX and High quality Division highlights the sophistication of those phishing websites, which mimic legit screens virtually identically, making detection tough.

Compounding the problem is the low adoption price of DMARC by main Japanese firms, trailing behind these within the Philippines and Thailand. Japan’s financial affluence, rating third globally by GDP, makes it a beautiful goal for North Korean and Chinese language cybercriminals. Moreover, cultural components, equivalent to Japan’s strict adherence to deadlines, make residents extra weak to phishing makes an attempt utilizing pressing language.

The Council of Anti-Phishing Japan’s month-to-month experiences additional underscore the severity of the scenario. Moreover, a current Cloudflare announcement listed a number of Japanese manufacturers often focused in phishing scams, together with Mitsubishi UFJ NICOS, Rakuten, JR East and Aeon.

The upshot is that phishing assaults in Japan are a major and escalating problem, requiring instant and enhanced cybersecurity measures to guard its firms and residents.

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/unmasking-the-threat-why-phishing-scams-are-surging-in-japan

New Phishing Equipment Makes use of Progressive Net Apps to Show Phony Login Pages

A brand new phishing equipment abuses progressive net apps (PWAs) to impersonate company login pages and steal credentials, BleepingComputer experiences.

“A PWA is a web-based app created using HTML, CSS, and JavaScript that can be installed from a website like a regular desktop application,” BleepingComputer explains. “As soon as put in, the working system will create a PWA shortcut and add it to Add or Take away Applications in Home windows and underneath the /Customers/account/Functions/ folder in macOS.

“When launched, a progressive web app will run in the browser you installed it from but be displayed as a desktop application with all the standard browser controls hidden.” The phishing equipment was launched by safety researcher “mr.d0x” for red-teaming functions, however this method will seemingly be adopted by cybercriminals.

“PWAs open up the path for UI manipulation that can trick users into believing they’re on a different website,” mr.d0x defined in a weblog put up. “This system clearly has some disadvantages such because the requirement of the goal person to put in the applying.

“Additionally, the PWA window briefly displays the actual domain name in the top right corner. However, I believe people’s habits of checking the URL bar will lead them to disregard that domain name (security awareness is required for this).”

BleepingComputer has the story:
https://www.bleepingcomputer.com/information/safety/new-phishing-toolkit-uses-pwas-to-steal-login-credentials/

Crooks within the UK Allegedly Used Do-it-yourself Cell Tower to Ship Smishing Messages

Police within the UK have arrested two people for allegedly utilizing a home made cellphone tower to ship hundreds of SMS phishing (smishing) messages, the Register experiences. The machine enabled the malicious textual content messages to evade detection by safety filters.

“Officers have made two arrests in connection with an investigation into the use of a ‘text message blaster,’ believed to have been used to send thousands of smishing messages, posing as banks and other official organisations, to members of the public,” the Metropolis of London Police mentioned in a press launch.

“In what is thought to be the first of its kind in the UK, an illegitimate telephone mast is believed to have been used as an ‘SMS blaster’ to send messages that bypass mobile phone networks’ systems in place to block suspicious text messages.”

UK communications regulator Ofcom informed the Register, “Criminals who defraud people using mobile technology cause huge distress and financial harm to their victims. We’re working closely with the police, the National Cyber Security Centre, other regulators, and industry to tackle the problem.”

Criminals are all the time searching for new methods to bypass technical defenses with the intention to goal customers immediately with social engineering assaults. KnowBe4 empowers your workforce to make smarter safety selections day by day. Over 65,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and scale back human danger.

The Register has the story:
https://www.theregister.com/2024/06/10/two_arrested_in_uk_over/

What KnowBe4 Prospects Say

“Hi Stu, we have really enjoyed the product so far. It has served as a great help for our security awareness training and we are hoping to soon deploy additional features such as the PhishER button.”

– R.P., Safety Engineer


“Hi Stu, Thanks for your personal email. It’s great to hear from you. We are happy over here and feel like KB4 is an essential and helpful tool for our organization. I especially appreciate my account rep, Crystal C. who is an invaluable resource to me. I am growing in appreciation and dependency as an important tool for us. Would you do me a favor and reach to Crystal and express my deep appreciation? Please let me know if I can help you in the future.”

– P.M., IT Supervisor

The ten Attention-grabbing Information Gadgets This Week

Cyberheist ‘Fave’ Hyperlinks

This Week’s Hyperlinks We Like, Suggestions, Hints and Enjoyable Stuff

Recent articles