Sneaky, Yet Effective: Gamma App Edition

A crafty phishing kit and the Gamma AI platform are used to evade secure email gateways (SEGs).

What is the attack?

  • Phishing Delivery: Attackers distribute financially themed documents via Gamma App, embedding a clickable link that redirects victims to a phishing website powered by the Sneaky 2FA Phishing Framework.

  • Human Verification: The phishing site employs Cloudflare Captcha, which prevents automated access and makes the site appear more legitimate.

Why did it get through?

  • Verified Source: Email sent from a domain passing sender authentication checks.

  • Legitimate Hosting: The malicious document was hosted on Gamma App's AI-powered document generation platform, leveraging a trusted domain to evade suspicion.

  • URL Crawling/Analysis Protection: The added Captcha functionality limits automated link crawling and URL analysis features, increasing the difficulty for automated detection.

What is required to solve for this attack?

  • Behavioral Analysis: Abnormal’s Behavioral AI flags never-before-seen senders, unusual email content, and URLs as anomalies, enabling the detection of novel attacks.

  • Defense-in-depth: Behavioral analysis pairs well with the Threat Intelligence layer of the cloud email platform (M365) for defense in depth.
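
The gap described above, as an added example that is not Abnormal's code or detection logic: a check that trusts sender authentication and link-domain reputation delivers the lure, while counting independent anomalies (new sender, hosted-document link, financial theme) flags it. The hostname `gamma.app`, the term list, the threshold and all sample messages are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: platforms whose domain reputation alone should not clear a link.
# gamma.app is taken to be the host of the Gamma App named above.
HOSTED_DOC_PLATFORMS = {"gamma.app"}
FINANCE_TERMS = ("invoice", "payment", "remittance", "payroll", "statement")

def on_platform(url):
    """True if the URL's host is a listed platform or one of its subdomains."""
    host = (urlsplit(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in HOSTED_DOC_PLATFORMS)

def naive_verdict(msg):
    """Weak check: authenticated sender plus trusted link domains means deliver."""
    if msg["auth_pass"] and all(on_platform(u) for u in msg["urls"]):
        return "deliver"
    return "review"

def behavioral_verdict(msg, known_senders, threshold=3):
    """Count independent anomalies; passing authentication never lowers the count."""
    reasons = []
    if msg["from"].lower() not in known_senders:
        reasons.append("never-before-seen sender")
    if any(on_platform(u) for u in msg["urls"]):
        reasons.append("link to hosted document platform")
    text = f'{msg["subject"]} {msg["body"]}'.lower()
    if any(term in text for term in FINANCE_TERMS):
        reasons.append("financial theme")
    return ("review" if len(reasons) >= threshold else "deliver"), reasons

# Constructed sample data (not taken from a real campaign).
KNOWN_SENDERS = {"colleague@partner.example"}
LURE = {"from": "billing@new-vendor.example", "auth_pass": True,
        "subject": "Outstanding invoice", "body": "View the shared document.",
        "urls": ["https://gamma.app/docs/constructed-sample"]}
ROUTINE = {"from": "colleague@partner.example", "auth_pass": True,
           "subject": "Q3 planning deck", "body": "Slides for Thursday.",
           "urls": ["https://gamma.app/docs/constructed-deck"]}

if __name__ == "__main__":
    for m in (LURE, ROUTINE):
        print(m["subject"], naive_verdict(m), behavioral_verdict(m, KNOWN_SENDERS))
```

The routine message from a known sender links to the same platform and is still delivered, so the platform link is one signal among several and not a block rule.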