Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Medium
Attackers are utilizing targeted company’s homepage as part of a phishing attack aimed at acquiring credentials. This campaign attempts to imitate the technical support team of the employee’s company and claims that the company’s email security service has quarantined three messages, blocking them from entering the inbox. It then prompts that those messages need to be reviewed in order to confirm validity, as two of these emails are considered valid and are being held for deletion. This could potentially lead the employee to believe that the messages could be important to the company and entice the employee to review the held emails urgently before deletion. Potential loss of important documents or emails could make the employee more inclined to interact with this email.
Hovering over the “Review Messages Now” shows the malicious URL.
Upon interacting with the link, the user will be directed to a phishing page unique to the employees’ company. It’s a login screen on the company website. However, further analysis has determined that the page shown is actually the company’s website home page with a fake login panel covering it. The overlay attempts to prompt the user to sign in to access the company account. The entered credentials are then sent to the threat actor, giving them access to the target’s company account.