As cybercriminals become more sophisticated, the tactics they employ to execute attacks are evolving. Security experts have long emphasized the importance of layered defenses in cybersecurity, and now, the attackers are adopting similar strategies. Recent insights reveal that two-step phishing attacks (2SP) have emerged as a central tactic in modern cybercrime, making it critical for individuals and organizations to remain vigilant.

According to researchers at Perception Point, a significant shift has been observed in the methods used by threat actors, particularly involving Microsoft Visio files (.vsdx) as a new mechanism to bypass security measures. This adaptation takes advantage of the trust that users place in everyday workplace tools, thereby increasing the likelihood of falling victim to such schemes.

The Phishing Game: A Familiar Trap

Microsoft Visio is widely utilized in businesses for visualizing complex data and workflows. Cybercriminals exploit this familiarity to launch their attacks under the guise of legitimate files. The threat actors entice potential victims with emails containing business proposals or urgent requests that lead them to a compromised Microsoft SharePoint page hosting a .vsdx file.

Once clicked, the victim encounters the real trap: an embedded URL disguised within the document, masked by a seemingly harmless "view document" button. This intricate method reflects a new layer of deception aimed at evading traditional security defenses and exploiting user trust.

The Rise of Double Trouble in Cyber Attacks

Perception Point's analysis highlights a dramatic increase in these sophisticated 2SP phishing attacks, which are targeting organizations worldwide. As they evolve, cybercriminals initially utilize compromised email accounts to send phishing emails that appear legitimate, thus bypassing basic authentication checks.

The real red flag arises when users are prompted to follow unusual instructions, such as holding down the Ctrl key while clicking a link. This specific action—while sounding innocuous—has been designed to circumvent automated email security scanners, relying instead on human interaction to facilitate the attack.

Protect Yourself: Best Practices to Mitigate Risk

Given this new threat landscape, ensuring robust email account security is more crucial than ever. Here are some tips to help protect yourself and your organization:

1. **Verify Source Authenticity**: Always check the sender's email address and be cautious of unsolicited emails, even those that appear to come from trusted sources.

2. **Educate and Train**: Regularly train employees on recognizing phishing attempts and understanding the importance of verifying links before clicking.

3. **Implement Multi-Factor Authentication**: This adds an extra layer of security, making it more difficult for attackers to gain unauthorized access.

4. **Utilize Advanced Threat Protection**: Deploy email filtering solutions that identify and block malicious emails before they reach the inbox.

5. **Inspect Links Carefully**: Hover over links to view their actual destination before clicking, and avoid instructions that seem odd.

As cyber threats continue to evolve, staying informed and prepared is essential in safeguarding both personal and organizational data. The prominent rise in these two-step phishing attacks serves as a critical reminder: be cautious with every click. Don't fall for the trap—stay safe online!