• 3,000 firms
  • Independent
  • Trusted
Save up to 70% on staff

News » Phishing scam targets SMBs via email provider SendGrid

Phishing scam targets SMBs via email provider SendGrid

Phishing scam targets SMBs

MASSACHUSETTS, UNITED STATES — Cybersecurity firm Kaspersky revealed a new phishing campaign that specifically targets small and medium-sized businesses (SMBs) by exploiting the email service provider SendGrid. 

This campaign is particularly dangerous as it uses stolen credentials to send out phishing emails that appear legitimate, thus deceiving recipients into providing sensitive information.

The attackers gain access to mailing lists and send emails urging recipients to enable two-factor authentication (2FA) for security purposes. However, the link provided in the email redirects to a fraudulent website that mimics the SendGrid login page, where the credentials of unsuspecting users are stolen.

The emails sent through SendGrid look authentic to email scanners, with valid links pointing to the SendGrid domain. The only potential giveaway is the sender’s address, which includes the real customer’s domain and mailing ID. 

A key indicator of the scam is the phishing site’s domain “sendgreds,” which is a slight but critical variation from the legitimate “sendgrid.”

To combat such threats, Kaspersky recommends providing staff with basic cybersecurity training, conducting simulated phishing attacks, and using mail server protection solutions with anti-phishing capabilities.

Roman Dedenok, a security expert at Kaspersky, emphasizes the importance of scrutinizing emails from service providers. 

“Using a reliable email service provider is important when it comes to your business’ reputation and safety,” Dedenok added.Last December, a separate Kaspersky research revealed that 45% of companies plan to outsource cybersecurity tasks within the next year to a year and a half to enhance their defenses against the growing number of cyberattacks.

Start your
journey today

  • Independent
  • Free
  • Transparent

About OA

Outsource Accelerator is the trusted source of independent information, advisory and expert implementation of Business Process Outsourcing (BPO)

The #1 outsourcing authority

Outsource Accelerator offers the world’s leading aggregator marketplace for outsourcing. It specifically provides the conduit between Philippines outsourcing suppliers and the businesses – clients – across the globe.

The Outsource Accelerator website has over 5,000 articles, 450+ podcast episodes, and a comprehensive directory with 4000+ BPO companies… all designed to make it easier for clients to learn about – and engage with – outsourcing.

About Derek Gallimore

Derek Gallimore has been in business for 20 years, outsourcing for over eight years, and has been living in Manila (the heart of global outsourcing) since 2014. Derek is the founder and CEO of Outsource Accelerator, and is regarded as a leading expert on all things outsourcing.

“Excellent service for outsourcing advice and expertise for my business.”

Learn more
Banner Image
Get 3 Free Quotes Verified Outsourcing Suppliers
3,000 firms.Just 2 minutes to complete.
SAVE UP TO
70% ON STAFF COSTS
Learn more

Connect with over 3,000 outsourcing services providers.

Banner Image

Transform your business with skilled offshore talent.

  • 3,000 firms
  • Simple
  • Transparent
Banner Image