Select Page
Retarus Press Release

Phishers are Posing as Contract Partners to Access Company Data

Fraudsters take aim at active directory passwords

Munich, 01.09.2020 // The CERT at Retarus has issued a warning regarding phishing emails in which recipients are instructed to edit important business partner contracts. The phishers pretend to make the document available on the otherwise reputable Dotloop platform, directing the recipients to a fake login page for their Microsoft account.

The fraudulent emails bear the Microsoft logo as well as Dotloop’s official email boilerplate. Dotloop is a US-based platform for conducting real estate transactions in a legally compliant manner. The phishing attack becomes apparent after the recipient has clicked on the button intended to open the contract document. The link leads to a fake Microsoft page, where victims are requested to log in using their email credentials. By looking closely at the browser’s address field, it become clear the address is not to be trusted.

Phishing

“With this password, users are not only granting access to their emails,” underlines Martin Mathlouthi, Product Line Manager Secure Email Platform at Retarus. “As single sign-on is commonplace, this is also likely to be the password for the active directory, allowing the phishers to gain access to other critical company data.”

Avoid online fraud

These phishing mails currently in circulation confirm a trend that security experts at Retarus had already been observing. Poorly designed phishing mails with long, cryptic links and clumsy instructions in error-ridden English are now a thing of the past. The new generation of phishing emails are technically sophisticated, well-formulated, and professionally designed. The shape-shifting scammers disguise themselves as colleagues, supervisors, and business associates, even addressing their victims in the name of official institutions, renowned financial service providers, and online portals.

The Retarus’ Anti-Phishing Guide, which is available for free download, details how employees can best protect themselves from phishing emails (even when working from home), which details to use to recognize well-crafted fraudulent emails, and the best practices for when it is unclear if a message is genuineThe analysts at Forrester also describe what to look out for in an anti-phishing service, and outline the various methods commonly used to defend against phishing in their Now Tech: Antiphishing Solutions, Q1 2019 report.

Advanced Threat Protection

Retarus’ Secure Email Platform provides comprehensive protection, even from highly deceptive phishing emails, by virtue of its Advanced Threat Protection. This includes Time of Click Protection, which checks links contained in emails in real time and effectively blocks phishing websites.

Retarus Time of Click Protection

About Retarus

Retarus is a global provider of APIs, gateways, and applications for messaging, email management, and the exchange of structured data for business processes – with top performance, security, and data protection, provided from the company's self-operated data centers around the globe. Founded in 1992 and headquartered in Munich, Germany, Retarus is owner-managed and proud of its innovation power. The company employs a staff of around 500 at 20 locations on four continents. Retarus' services are leveraged by the world's leading companies. The services are sold directly by Retarus or in close collaboration with selected partners. Analysts constantly commend Retarus' outstanding quality and reliability. More details: www.retarus.com

Press Contact Form

  • This field is hidden when viewing the form
  • This field is hidden when viewing the form
  • This field is for validation purposes and should be left unchanged.

Press Center

Visit our Press Center to see all Press Releases.

Sharing is caring

Download

Pictures // 500 KB
The materials provided at this Web site are for use solely by the news media in articles or other news reports. You do not obtain any ownership right, title, or other interest in Retarus trademarks or copyrights by downloading, copying, or otherwise using these materials.

Always up-to-date

Retarus provides the latest news, information about events as well as reports on first-hand experiences from our customers and business innovators. Sign up for your free newsletter subscription now.

Contact for journalists

retarus GmbH
Global Headquarters
Media Relations
Aschauer Straße 30
81549 Munich
Germany
 
+49 89 5528-1400
press@de.retarus.com

This Retarus site doesn't match your location

Based on your location, we think you may prefer the United States website, where you'll get regional content and offerings. If you are looking for our complete product portfolio, please continue with the Global website.

United States

Global website