3029 Fortra on Phishing, AI, and LOTS Tactics: Protecting Against Trusted Service Abuse

The Tech Talks Daily Podcast - A podcast by Neil C. Hughes

Categories:

In this episode of The Tech Talks Daily Podcast, I speak with Michael Tyler from Fortra to uncover the details behind a phishing campaign that exploited USign’s e-signature platform. Fortra recently discovered how cybercriminals leveraged USign’s trusted domain to bypass email security gateways, highlighting the growing challenges related to the "living off trusted services" (LOTS) tactic used by attackers. This phishing campaign exposed vulnerabilities within platforms often regarded as safe by email filters, demonstrating how easily attackers can exploit trusted services. Cybercriminals disguised fake USign documents as HR notifications, tricking victims into entering passwords instead of signatures. By using USign’s strong sender reputation, these malicious emails were able to bypass traditional email security measures, making them harder to detect. The attack even showed signs of being generated with AI language models, adding another layer of sophistication. We dive deeper into the LOTS tactic, where attackers take advantage of legitimate services—such as e-signature platforms, file hosting sites, and social media platforms—to execute their malicious activities. This strategy not only reduces the setup effort for attackers but also enables them to hide behind the reputation of trusted service providers, making it increasingly difficult for security systems to flag these threats. Michael discusses the broader implications for cybersecurity and the need for multi-layered defenses. Organizations must not only invest in user education to help employees recognize phishing attempts but also implement deeper email inspection and rapid response capabilities to quickly mitigate risks. For service providers like USign, enhancing security protocols, such as limiting bulk registrations and monitoring for abnormal activity, is crucial in preventing future exploitation. The conversation also explores how Fortra is working with organizations to bolster their defenses against such attacks. Michael shares practical recommendations, from improving detection of social engineering attempts to collaborating with trusted service providers to combat platform abuse. As the world of cybersecurity continues to evolve, this episode provides valuable insights into staying one step ahead of increasingly sophisticated phishing tactics.