SMBs are being targeted by this new phishing scam — make sure you don't fall victim

Its clients are mostly small and medium-sized businesses (SMB) which use the services to communicate with their customers, sending emails in bulk, fast and cheap.

Bypassing email security

According to the researchers, unnamed attackers exploited SendGrid to access client mailing lists, and used those to send custom-tailored, well-built phishing emails. The emails, they said, appeared quite authentic, significantly increasing the chances of success.

In the emails, the attackers impersonated SendGrid and demanded users activate multi-factor authentication (MFA). The emails further carried a link which, if clicked, led to a landing page that mimicked the SendGrid login page, but was instead under the control of the attackers.

There, whoever typed in their login credentials essentially shared them with the attackers. 

Besides super convincing phishing emails, another thing makes this campaign particularly destructive - the fact that it successfully bypasses traditional email security measures. As the emails go through a legitimate service and show no obvious signs of fraud, most email security solutions did not filter them out and instead had them land right in the inbox. 

“Using a reliable email service provider is important when it comes to your business’s reputation and safety,” said Roman Dedenok, a security expert at Kaspersky.

“However, some sneaky scammers learned how to mimic reliable services – so it is crucial to check the emails that you receive properly, and, for better protection, install a reliable cybersecurity solution.”

One of the best ways to protect against phishing is to train the staff to be able to spot email-borne attacks, Kaspersky concluded. 

More from TechRadar Pro

• Everything you need to know about phishing
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now