1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Hackers distribute thousands of phishing attacks through Mimecast

    From TechnologyDaily@1337:1/100 to All on Thursday, December 11, 2025 14:30:08
    Hackers distribute thousands of phishing attacks through Mimecast's secure-link feature

    Date:
    Thu, 11 Dec 2025 14:20:00 +0000

    Description:
    A legitimate feature is being abused to hide phishing emails and have them land in inboxes.

    FULL STORY ======================================================================Attacker s abused Mimecasts URLrewriting feature to mask malicious links in phishing emails More than 40,000 emails hit 6,000+ organizations, especially consulting, tech Campaign bypassed filters globally, with most victims in the US, though Mimecast says no flaw exists

    Cybercriminals are abusing a legitimate Mimecast feature to deliver
    convincing phishing emails to their victims - at scale.

    This is according to cybersecurity researchers Check Point, who claim to have seen more than 40,000 such emails being sent to over 6,000 organizations around the world, in a span of merely two weeks.

    First, the crooks would create messages that closely resemble email notifications from reputable brands (SharePoint, DocuSign, or other e-signature notices), paying attention to the details such as logos, subject lines, and display names. Nothing in the messages stands out from routine notification emails.

    Catch the price drop- Get 30% OFF for Enterprise and Business plans

    The Black Friday campaign offers 30% off for Enterprise and Business plans
    for a 1- or 2-year subscription. Its valid until December 10th, 2025. Customers must enter the promo code BLACKB2B-30 at checkout to redeem the offer. View Deal Consulting, tech, and real estate targeted

    At the same time, they would build phishing landing pages that capture credentials or deliver malware. These URLs are wrapped behind one or more legitimate redirect and tracking services, in this case - Mimecast.

    Because this service rewrites links to route through a trusted domain, attackers submit their malicious links so the final email shows a Mimecast domain instead of the real destination.

    As a result, phishing emails successfully move past email security solutions and filters, and land directly into their victims inboxes.

    Check Point says that numerous industries were hit by this campaign, but a
    few - where contracts and invoices exchange is an everyday thing - were hit particularly hard. Those include consulting, technology, and real estate. Other notable mentions include healthcare, finance, manufacturing, and government.

    The majority of the victims are located in the US (34,000), followed by
    Europe (4,500), and Canada (750).

    Mimecast stressed that this is not a vulnerability, but rather a legitimate feature, that is being abused.

    The attacker campaign described by Check Point exploited legitimate URL redirect services to obfuscate malicious links, not a Mimecast vulnerability. Attackers abused trusted infrastructure including Mimecasts URL rewriting service to mask the true destination of phishing URLs. This is a common tactic where criminals leverage any recognized domain to evade detection.

    Via Cybernews

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/hackers-distribute-thousands-of-phishin g-attacks-through-mimecasts-secure-link-feature


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)