Barracuda Spam Filtering

Barracuda Spam Filtering

Cybercriminals exploit SVB collapse to steal money and data

By Bill Toulas March 14, 2023 11:55 AM

My thoughts using Barracuda Complte Mail Protection in front of O365 or G-suite is very in expensive compared to your complet network or computers being taking down with malware.

The collapse of the Silicon Valley Bank (SVB) on March 10, 2023, has sent ripples of turbulence throughout the global financial system, but for hackers, scammers, and phishing campaigns, it’s becoming an excellent opportunity.

As multiple security researchers report, threat actors are already registering suspicious domains, conducting phishing pages, and gearing up for business email compromise (BEC) attacks.

These campaigns aim to steal money, steal account data, or infect targets with malware.
SVB going defunct

SVB was a U.S.-based commercial bank, the 16th largest in the country, and the largest bank by deposits in Silicon Valley, California.

On March 10, 2023, the bank failed after a run on its deposits. This failure was the largest of any bank since the 2007-2008 financial crisis and the second-largest in U.S. history.

This event has impacted many businesses and people in the technology, life science, healthcare, private equity, venture capital, and premium wine industries who were customers of SVB.

The chaotic situation is further worsened by the prevailing elements of urgency, uncertainty, and the significant amounts of money deposited at the bank.
Scammers jump at the opportunity


Security researcher Johannes Ulrich reported yesterday that threat actors are jumping at the opportunity, registering suspicious domains related to SVB that are very likely to be used in attacks.

Some of the examples given in a report published on the SANS ISC website include:


Ulrich warned that the scammers might attempt to contact former clients of SVB to offer them a support package, legal services, loans, or other fake services relating to the bank’s collapse.

An attack already seen in the wild is from BEC threat actors who are impersonating SVB customers and telling customers that they need payments sent to a new bank account after the bank’s collapse.

However, these bank accounts belong to the threat actors, who steal payments meant to go to the legitimate company.

Cyber-intelligence firm Cyble published a similar report today exploring developing SVB-themed threats, warning about these additional domains:


Many of these sites were registered on the day of the bank’s collapse, March 10, 2023, and are already hosting cryptocurrency scams.

These scam pages tell SVB customers that the bank is distributing USDC as part of a “payback” program.

“March 13 2023 – Silicon Valley Bank is actively distributing USDC as part of the SVB USDC payback program to eligible USDC holders. USDC payouts can only be claimed once per wallet,” claims the cryptocurrency scam.

However, clicking on the site’s ‘Click here to claim’ button brings up a QR code that attempts to compromise Metamask, Exodus, and the Trust Wallet crypto wallets when scanned.

Article (
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”

Microsoft Outlook flooded with spam due to broken email filters

By Sergiu Gatlan February 20, 2023 11:58 AM

Do you want to save up to 10 minutes a day? Wholesale pricing is way to inexpensive not to use (Barracuda Mail Filtering) call to set up a account for you clients we already maintain 1000’s of mailboxes with 3rd level support. Your clients do not need to click on bad links

According to reports from an increasing number of Microsoft customers, Outlook inboxes have been flooded with spam emails over the last nine hours because email spam filters are currently broken.

This ongoing issue was confirmed by countless Outlook users who have reported (on social media platforms and the Microsoft Community’s website) that all messages were landing in their inboxes, even those that would have been previously tagged as spam and sent to the junk folder.

“I’ve received 36 spam emails in my inbox the past 2 hours straight. It’s been happening for way too long and it just continues to get worse on an hourly basis,” one user said.

“Seems to have begun happening between 10pm and midnight Eastern time (I have a successful junk mail at 10:04pm, and the first inbox junk mail at 12:17am),” another added.

Some say that even checking the “Only trust email from addresses in my Safe Senders and domains list and Safe mailing lists” in Junk Mail > Filters doesn’t fix this issue, pointing to the webmail service’s filtering being completely broken.

Despite the stream of customer complaints, the Office service status page shows that “everything is up and running.”

Microsoft is yet to share a public statement confirming Outlook users’ reports that spam filters are broken.

While today the spam filtering issue in Outlook seems to be particularly bad and affecting a massive number of customers, this has been going on for months, with some reporting seeing many spam emails landing in their inbox since at least November 2021.

Microsoft didn’t reply to a request for comment when BleepingComputer reached out earlier today.

Article (

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”

Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks (O365)

1) Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks
Nearly 60% of all phishing attacks impersonate Microsoft and about half a million Microsoft 365 accounts were compromised in 2021, new data shows.

Barracuda Networks’ telemetry — from from millions of emails it analyzed — shows that in 2021, a little over half of all social engineering attacks came via phishing, and Microsoft was the most-impersonated brand in those attack attempts. Overall, attackers sent 3 million emails from 12,000 compromised accounts, and one in five organizations suffered an account compromise last year.

As a Security Software Distributor of Barracuda there security mail which is by far the best in the industry. Built from scratch using open source. For a very inexpensive dollar amount you could be protected> Call your MSP/Tech firm for pricing and then have them call MspPortal Partners to assist in implementing a secure solution at no additional cost.

1) Google Emergency Update Fixes Chrome Zero-Day
Google patches a critical flaw in its Chrome browser, bringing its count of zero-day vulnerabilities fixed in 2022 to four already. Do you really want to use Chrome or Google period let alone Google Mail
2) Microsoft Releases Advisory to Address Critical Remote Code Execution Vulnerability (CVE-2022-26809)
3)Microsoft Releases April 2022 Security Updates (112)
4) Apple Releases Security Updates (its getting worse)

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”


More Orgs Suffered Successful Phishing Attacks in 2021 Than in 2020

Enterprise organizations appear to be falling even further behind in their battle against phishing threats despite heightened awareness of the problem and efforts to curb it.

A new study shows that in 2021 more organizations experienced at least one successful email-based phishing attack than the year before. There were also more opportunistic and targeted phishing attacks last year compared with 2020, as well as phishing attacks involving ransomware and business email compromise (BEC).

Researchers recently analyzed data from a survey of 600 IT and security professionals and another survey of 3,500 employees from seven countries, including the US, UK, France, Germany, and Australia. The researchers also analyzed data gathered from some 100 million simulated phishing attacks and more than 15 million emails that end users reported as being suspicious.

Seventy-eight percent of organizations experienced a ransomware attack in which a phishing email was the initial infection vector. Seventy-seven percent reported a phishing-related BEC incident — an 18-point increase from 2020. Overall, 12% more organizations reported being victims of an indiscriminate or opportunistic phishing attack, while organizations reporting more targeted spear-phishing and BEC attacks went up 20%.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Bitdefender and Barracuda Distributor for Msp’s
“Where Service and Technical Skills Count”

Hackers slip into Microsoft Teams chats to distribute malware

Hackers slip into Microsoft Teams chats to distribute malware

Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation.

More than 270 million users are relying on Microsoft Teams every month, many of them trusting the platform implicitly, despite the absence of protections against malicious files.
Simple but efficient method

Researchers at Avanan, a Check Point company that secures cloud email and collaboration platforms, found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform.

The attacks started in January, the company says in a report today, and the threat actor inserts in a chat an executable file called “User Centric” to trick the user into running it.

Once executed, the malware writes data into the system registry installs DLLs and establishes persistence on the Windows machine.
“In this Teams attack, hackers have attached a malicious Trojan document to a chat thread. When clicked on, the file will eventually take over the user’s computer” – Avanan

Manage Microsoft Teams settings for your organization
Here you can turn on or turn off file sharing and cloud file storage options. read Article and turn off file sharing

Users can upload and share files from cloud storage services in Teams channels and chats. Cloud storage options in Teams currently include Dropbox, Box, Citrix files, Google Drive, and Egnyte. Turn on the switch for the cloud storage providers that your organization wants to use.

Using either the above solution and fixing the issues or

Use Bitdefender/MspPortal Partners malware protection in combination of Barracuda/MspPortal Partners Spam, Phishing malware protection

Roy Miehe | MspPortal Partners Inc. | Ceo/President Bitdefender /MSP Aggregator – Distributor “Where Service and Technical Skills Count”

The two agencies also shared a list of measures that can help admins mitigate BlackByte attacks: 2-14-2022

The two agencies also shared a list of measures that can help admins mitigate BlackByte attacks: 2-14-2022

Thanks to Bleeping Computer

  1. Implement regular backups of all data to be stored as air gapped, password protected copies offline.
  2. Ensure these copies are not accessible for modification or deletion from any system where the original data resides.
  3. Implement network segmentation, such that all machines on your network are not accessible from every other machine.
  4. Install and regularly update MspPortal Partners/Bitdefender antivirus software on all hosts, and enable real time detection.
  5. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released be careful of this look at KB’s first.
  6. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.
  7. Audit user accounts with administrative privileges and configure access controls with least privilege in mind. Do not give all users administrative privileges.
  8. Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs for any unusual activity.
  9. Consider adding an email banner to emails received from outside your organization.
  10. Disable hyperlinks in received emails MspPortal Partners/Barracuda
  11. Use double authentication when logging into accounts or services.
  12. Ensure routine auditing is conducted for all accounts
  13. Ensure all the identified IOCs are input into the network SIEM for continuous monitoring and alerts.
  14. Do you want Security Updates Emailed to you Subscribe to blog (bottom  of News page)


    Roy Miehe | MspPortal Partners Inc. | Ceo/President

    Bitdefender /MSP Aggregator – Distributor

    “Where Service and Technical Skills Count”

New Phishing Attack on Microsoft O365

August 26, 2021
New Phishing Attack on Microsoft O365 Users Leverages Open Redirects to Avoid Detection
Widespread credential phishing campaign abuses open redirector links
Microsoft 365 Defender Threat Intelligence Team Link Article

MspPortal Partners along with Barracuda does have  a solution
Read what Essentials complete will provide for you Includes ESS, Message Archiver and O365 Backup
One Drive, Exchange, Sharepoint,Teams (PDF)

With Barracuda Advanced Threat Protection

With Barracuda Advanced Threat Protection
MspPortal Partners blocked 767 Infected attachments in the last 24 hours protecting our partners clients from becoming/getting infected. Thousand of dollars were saved in mitigation costs

Scan Description the file was scanned by the Barracuda Advanced Threat Protection (ATP) service. ATP scans for malware, zero-day exploits, and targeted attacks not detected by other virus scanning features or the intrusion prevention system. ATP analyzes files in a secure cloud environment and makes an overall determination once scanning is complete.

Most of the blocked emails were Microsoft: docx, xlsm , xlsx, pdf, exe and rar

MspPortal Partners is a leader in providing security software to the Tech Community at better then wholesale pricing , service and support

MspPortal now provides Encrypt Mail at no extra charge using Barracuda Spam filtering

If you are using with MspPortal Partners Barracuda Spam Filtering you can now do encrypt mail also at no additional cost.

Rackspace, Office 365, Google Apps, Exchange, Lotus Domino, GroupWise, Zimbra, Gmail, postfix, Send Mail, and more can be used as long as you can add a smart host entry.

I will assist in the original setup at no extra charge ( training) Use a word such as I do “secure” in the subject line plus you have the best spam filtering soluion in the industry.

13 email threat types to know about right now

Brought to by Barracuda and MspPortal Partners/MSP Aggregator – Distributor
How inbox defense protects against increasingly sophisticated attacks or compliment your current mail filtering solution considering O365 and Mimecast are now compromised very inexpensive to protect yourself from bad actors.
Have your tech team contact MspPortal Partners for pricing

MspPortal provides aggressive/displacement pricing but assisting in the integration and 1 & 2 line tech support

PDF Table of Contents
1) Introduction: Radically reduce susceptibility to targeted email attacks page 1
2) Fighting increasingly complex email attacks page 3
3) Spam page 5
4) Malware 8
5) Data Exfiltration page 12
6) URL Phishing page 15
7) Scamming page 18
8) Spear Phishing page 22
9) Domain Impersonation page 26
10)Brand Impersonation page 30
11)Blackmail page 34
12)Business Email Compromise page 38
13)Conversation Hijacking page 42
14)Lateral Phishing page 46
15)Account Takeover page 49
16)Strengthening your email security posture with API-based inbox defense page 53
17)Conclusion: Effectively protecting against evolving email threats page 56

PDF download Barracuda 13 email threats