While the cloud-based file transfer company reported that there was “significant” participation from existing investor Highland Europe, the funding round was led by European growth equity firm HPE Growth. WeTransfer, the Amsterdam-based file-sharing platform that was founded in 2009, has disclosed a €35m secondary funding round. Īll third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks.WeTransfer has not disclosed its latest valuation, but said that it has been profitable for six years.
To raise your understand, read the 2019 Phishing Threat & Malware Review. Thanks to our unique perspective, no one knows more about current REAL phishing threats than Cofense. Understand what SaaS applications are configured for your domains-do YOUR research with Cofense CloudSeeker ™. Every SaaS platform you use is an opportunity for attackers to exploit it. Reduce exposure time by rapidly quarantining threats with Cofense Vision TM.Īttackers do their research. Quickly turn user reported emails into actionable intelligence with Cofense Triage TM. Remove the blind spot-get visibility of attacks with Cofense Reporter TM. Our solution offers a phishing simulation to protect against file-transfer attacks like the one described in this blog.Īccording to the Cofense Phishing Defense Center, over 91% of the credential harvesting attacks they identify bypassed email gateways. Protect the keys to your kingdom-condition end users to be resilient to credential harvesting attacks with Cofense PhishMe TM. Learn how our dedicated experts provide actionable intelligence to stop phishing threats.ħ5% of threats reported to the Cofense Phishing Defense Center are credential phish. The Cofense Phishing Defense Center identifies active phishing attacks in enterprise environments. Useful Resources for Customers Description These include ProofPoint, Office365 Safe Links, and Symantec.
The PDC has observed this attack method to bypass multiple gateways. More often than not, we see a Microsoft Service being targeted, however we have observed other targeted brands.Īs WeTransfer is a well-known and trusted file hosting system, used to share files too large to attach to an email, these links will typically bypass gateways as benign emails, unless settings are modified to restrict access to such file sharing sites. In the final stage of the attack, victims are asked to enter their Office365 credentials to login. html file, he or she is redirected to the main phishing page.
Wetransfer headquarters download#
When the user clicks on the “Get your files” button in the message body, the user is redirected to the WeTransfer download page where a HTM or HTML file is hosted and thus downloaded by the unsuspecting victim. This is a commonly observed phishing technique to pique the user’s interest. Here, the threat actor will often write a note stating that the file is an invoice to be reviewed. WeTransfer allows for the addition of a note to the email to clarify why the file was sent. As these are legitimate links from WeTransfer, this allows them to travel straight through security checks at the gateway. The attackers utilise what appears to be compromised email accounts to send a genuine link to a WeTransfer hosted file. The email body is a genuine notification from WeTransfer which informs the victim that a file has been shared with them. The attacks span major industries like banking, power, and media. The Cofense Phishing Defense Center has observed a wave of phishing attacks that utilize the legitimate file hosting site WeTransfer to deliver malicious URLs to bypass email gateways.
0 kommentar(er)
