Supermailer program used in accounting data theft campaign

According to recent reports by security firm Cofense, cybercriminals are using the Supermailer program to send phishing emails that bypass Secure Email Gateway (SEG) protection. In May alone, Supermailer was responsible for 5% of all phishing emails that requested accounting data, and the campaign volume is growing exponentially.

Brad Haas, a cyber threat analyst at Cofense, explained that attackers bypass protection by combining Supermailer's capabilities with techniques for crafting fake but highly convincing emails, which are sent to mailboxes across various industries.

Supermailer is a German program for creating and sending electronic mailings in HTML or plain-text format with variable recipients. Because it supports multiple mail systems and can distribute sending across different services, the emails are much less likely to be blocked by security measures.

However, Supermailer is also vulnerable to the “Open Redirect” attack, which redirects users to a potentially malicious website. While initially used to indicate the location of files on the internet, URLs are now used to denote addresses of all resources, regardless of type.
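The following added example is not taken from the Cofense report or from this article. It shows one way a mail filter could flag links whose query string carries a redirect target on a different host, the pattern an open redirect relies on. The function names, the different-host rule and the sample message are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

class _LinkCollector(HTMLParser):
    """Collect href values from <a> tags in an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def _embedded_host(value):
    """Return the host if a parameter value is itself an absolute
    or scheme-relative URL, otherwise None."""
    v = value.strip()
    if v.startswith("//"):          # scheme-relative form, e.g. //host/path
        v = "https:" + v
    parts = urlsplit(v)
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname.lower()
    return None

def find_redirect_links(html_body):
    """Return (link, parameter, visible_host, target_host) for every link
    whose query string carries a URL pointing at a different host."""
    collector = _LinkCollector()
    collector.feed(html_body)
    findings = []
    for href in collector.hrefs:
        parts = urlsplit(href)
        visible = (parts.hostname or "").lower()
        # parse_qsl percent-decodes values, so encoded targets are caught too.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            target = _embedded_host(value)
            if target and target != visible:
                findings.append((href, name, visible, target))
    return findings

# Constructed sample body; every host is a reserved example domain.
SAMPLE = """
<a href="https://portal.example.com/out?next=https%3A%2F%2Flogin.example.net%2Fverify">View</a>
<a href="https://portal.example.com/help?topic=billing">Help</a>
<a href="https://portal.example.com/r?u=//cdn.example.org/x">Download</a>
<a href="https://portal.example.com/go?to=https://portal.example.com/home">Home</a>
"""

if __name__ == "__main__":
    for finding in find_redirect_links(SAMPLE):
        print(finding)
```

A hit means the host the recipient sees in the link is not the host the link finally leads to; legitimate services also use such parameters, so the result is a signal for further scoring rather than a verdict.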

As cybercriminals continue to exploit the vulnerabilities of Supermailer, it is important for individuals and organizations to remain vigilant and take necessary precautions to protect against phishing attacks.
