Skip to main content
Back to Blogs

Intelligence Digest

The Newest Abuse of File-Sharing Services Aids Phishing Campaigns

November 17, 2022

By Rodman Ramezanian - Global Cloud Threat Lead, Skyhigh Security

Today, threat actors leverage free cloud tools, such as hosting providers, file transfer services, collaboration platforms, calendar organizers, or a combination of each, to bypass security measures and disseminate malicious payloads around the world. In this instance, we focus on the Lampion malware campaign, first reported by researchers at Cofense.

The threat actors behind the Lampion malware campaign send phishing emails using hacked business accounts, encouraging end-users to download a ‘Proof of Payment’ mock file hosted on WeTransfer. Its primary objective is to extract bank account details from the system. The payload overlays its own login forms onto banking login pages. When users enter their credentials, these fake login forms will be stolen and sent back to the attacker.


Read the Skyhigh Security Intelligence Digest,
The Newest Abuse of File-Sharing Services Aids Phishing Campaigns.

View the entire Skyhigh Security Intelligence Digest series here.

Learn more testing Back to Blogs

Related Content

News thumbnail
Cloud Security

The Skyhigh Client Proxy Context Advantage

Jeff Ebeling - July 9, 2024

News thumbnail
Industry Perspectives

Revolutionize Your Research with AI

Cleo McMichael - June 28, 2024

Recent blogs

Cloud Security

The Skyhigh Client Proxy Context Advantage

Jeff Ebeling - July 9, 2024

Industry Perspectives

Revolutionize Your Research with AI

Cleo McMichael - June 28, 2024

Industry Perspectives

Legacy Web Gateway vs Next-Generation Web Gateway: Understanding the Key Differences

Mohammed Guermellou - June 12, 2024

Industry Perspectives

Telecom Company Replaces Traditional VPN with Skyhigh Private Access

America Garcia - June 6, 2024