Phishing Attacks Getting Sneakier Towards The End Of 2021

by | December 23, 2021 | Cybersecurity

While you’re getting creative with your gifts, scammers are finding new strategies to use in their phishing attacks. Yep, they don’t take a break. Not even for Christmas.

Phishing is a daily challenge for businesses, with bad guys always stepping up their game. Two new forms of attacks confirm the problem – one of them tricks users, while the other sneaks past security technology.

Phishing attacks are a significant issue for businesses.

Two fresh phishing strategies keep experts on the edge. So let’s have a closer look at what cybercrooks have been up to.

ProxyLogon and ProxyShell-Based Phishing Attacks

ProxyLogon is a series of weaknesses in the Microsoft Exchange Server that a hacker can exploit to circumvent authentication and pass as an admin. Researchers warned that ProxyLogon “might be the most severe and impactful vulnerability in the Exchange history ever.” Several ProxyLogon vulnerabilities have patches available since March 2021, but many users have yet to install them.

ProxyShell is a more recent exploit. Customer servers that have not updated their software since July 2021 are at risk. When cybergrinches breach into a network with ProxyShell, they can do whatever they please and run any command or program they want.

Once the hacker infiltrates a company’s system with either ProxyLogon or ProxyShell, they hijack legitimate existing email threads. Security controls may not filter or quarantine these emails, as they are exchanged between internal users. The threat actors are very careful and do not move laterally on servers or install malware in order to evade detection. However, the emails do contain attachments with the SQUIRRELWAFFLE malware loader in them.

If a recipient opens the attachment, they are asked to enable macros. Once they do so, SQUIRRELWAFFLE will execute and download final stage payloads.

RATDispenser Phishing Attacks

RATDispenser’s name speaks for itself – a JavaScript loader that infects machines with RATs (remote access trojans).

The loader is very dangerous because of its ability to evade conventional cybersecurity defenses. The attack starts with a phishing email containing a poisoned JavaScript attachment with a double ‘.TXT.js’ file extension. By default, Windows hides extensions, so the file seems to be a harmless text file. In addition, the malicious file is heavily obfuscated. Once launched, it writes a VBScript file that downloads the RAT.

And here’s some news to give you goosebumps – according to a study conducted by HP, a jaw-dropping 89% of anti-virus engines failed to detect RATDispenser, proving yet again that you can’t rely on technology-based defenses when it comes to phishing-delivered malware.

The Need For Security Awareness Training

Unfortunately, your employees are the weakest link in the chain and scammers will bombard them with phishing emails all the time. And, with Christmas approaching so quickly, they are all the more likely to be oblivious to the red flags of a phishing attempt.

Your staff is your first line of defense against phishing attacks, so you need to be able to rely on their vigilance. To achieve it, make it a priority to implement security awareness training in your company. A robust and extensive program will teach them everything they need to know to stay off the hook.

Why choose ATTACK Simulator?

We know there are plenty of choices out there. But look no further, as ATTACK Simulator offers an affordable and customizable security awareness training solution for every company, no matter the size.

Let us elaborate on that and explain why ATTACK Simulator is the way to go:

  • We offer security awareness training for companies of all sizes – the importance we place on improving the employee’s vigilange regarding cybersecurity is the same.
  • Our training method features an automated function, which requires little to no manual intervention. Time is, after all, money, and we wouldn’t want you to waste any of it.
  • We offer quick in-house support straight from our developers themselves. We like our customers happy and satisfied.
  • We provide affordable security awareness training.
  • Our software interface is user-friendly, so you’ll be able to learn it in no time.

Don’t waste another minute counting on luck and invest now in a solid cybersecurity awareness program. Get your quote today here.


Security Boulevard Phishing Attacks Getting Sneakier


Feature image: Photo by Artur Tumasjan on Unsplash

Computer vector created by macrovector –

by Diana Panduru

Content writer for Attack Simulator. Passionate about all things writing and cybersecurity, and obsessed with driving. I sometimes indulge in pencil drawing, poetry, and cooking for fun.

There’s no reason to postpone training your employees

Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.