On November 1st, cloud storage behemoth Dropbox reported that attackers had successfully targeted some of their engineers, capturing credentials for the company’s account on GitHub. This gave the attackers access to the company’s source code for internal prototypes, as well as some of the tools used by Dropbox’s security team.
While users of all levels of sophistication are successfully tricked into providing credentials to phishing sites every day, the Dropbox case is notable for a couple of reasons. First, this attack was highly targeted and relatively sophisticated. The attackers identified a specific piece of software tied to GitHub that the Dropbox development team used and sent an email masquerading as the company that makes that software. Next, although Dropbox had systems in place to identify and quarantine phishing emails, those systems only blocked some of the emails while delivering others straight to users’ inboxes.
Even with protections in place, malicious emails still made it to the engineers’ inboxes and Dropbox’s most technically savvy employees were duped into providing their credentials to the attackers. This incident shows that attackers will go to great lengths to develop targeted campaigns and that conventional tools and security awareness only go so far towards stopping them.
Fortunately, ConcealBrowse offers an extra layer of protection against phishing, distrusting risky web sites by default and providing protection even when email filtering fails. Once a user clicks a phishing link, ConcealBrowse goes into action, scanning the URL and any resources loaded by it to ensure they haven’t been flagged as dangerous. At the same time, ConcealBrowse uses advanced AI to analyze the pages for signs of a phishing attack, and blocks attackers at the browser level before the user has an opportunity to provide credentials.
As attackers grow more sophisticated in their targeting and tactics, companies must build zero trust into their operations. ConcealBrowse works in the browser to stop threats before they reach your network.