Security · 3h ago
Ghost Phishing Campaign Bypasses Traditional Email Security
A new 'ghost phishing' campaign called EvilTokens is targeting US and European businesses, hiding malicious pages that decrypt only in the victim's browser. This technique evades traditional URL scanning, posing a risk to Microsoft 365 accounts and sensitive data. Security leaders must update defenses to detect dynamic, client-side threats.
Meridian48 take
The attack underscores how static email filters are becoming obsolete against sophisticated, browser-based threats.
Read the full reporting
New Ghost Phishing Wave Is Breaking Traditional Email Security →
The Hacker News
ghost-phishingemail-security