Barracuda has issued a new Threat Spotlight report, warning of a recent rise in phishing attacks that exploit Adobe InDesign, a trusted document publishing system. According to the research, there has been a significant increase in emails carrying Adobe InDesign links, with almost a 30-fold increase since October. The daily count has jumped from around 75 to around 2,000 per day. Alarmingly, nearly one in 10 (9%) of these emails contain active phishing links, while a further 20% include removed content.

Many phishing links observed by Barracuda researchers have the top-level domain of “.ru” and are hosted behind a content delivery network (CDN) that acts as a proxy for the source site. This helps obscure the content’s source and makes it harder for security technologies to detect and block the attacks.

Some attacks leveraging Adobe InDesign appear to target specific organizations or users. These emails carry legitimate brand logos that have probably been copied from other content or scraped from websites by attackers. The logos are likely chosen because they are known and trusted by the targets — and suggest the attackers spent time and resources crafting these messages.

On the other hand, the rest of the attacks are mainly generic mass-distributed messages featuring the OneDrive, SharePoint, and Adobe logos. Some feature fundamental text, pulled together with minimal effort.

All the attacks are relatively straightforward and consistent in their approach, inviting the recipient to click on a link that will take them to another site hosted on the indd.adobe[.]com subdomain but actually controlled by the attackers for the next attack stage.

Phishing attacks continue to evolve and become more sophisticated, deploying different techniques and tactics to bypass security detection and trap victims. The attacks leveraging Adobe InDesign are no exception and employ several tactics to evade detection and trick targets.

How to stay safe from such attacks
To stay protected, it is crucial to have advanced, multilayered, and AI-powered email security in place, capable of identifying emerging and known threats. Regular cybersecurity awareness training for employees is also essential, and the training should be updated whenever new threat trends arise so that employees know what to look out for and what to do if they receive a suspicious or malicious email.


end of article

Source link