Forcepoint researchers describe a layered attack chain that slips past filters by mimicking everyday business behavior.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Forcepoint researchers uncovered a sophisticated multi-stage phishing campaign that exploits PDFs and Dropbox to harvest credentials. The attack works by mimicking normal business behavior: victims receive a legitimate-looking email with a PDF attachment that redirects through a trusted cloud service to a fake Dropbox login page. The campaign bypasses standard email filters and authentication checks because each individual step appears legitimate. Security experts emphasize that traditional "don't click links" training is insufficient; organizations need multi-layered defenses including MFA, conditional access, and evolved security awareness training that addresses modern cloud-hosted, multi-stage attacks.

New phishing attack leverages PDFs and Dropbox