Cybercriminals are increasingly exploiting legitimate file-sharing services like GetShared to bypass enterprise email security systems. A recent incident involving a former Kaspersky employee highlights this emerging threat. The individual received an authentic-looking email notification from GetShared, claiming that a file named “DESIGN LOGO.rar” had been shared with them. Suspicious of the unsolicited message, they refrained from clicking the link and forwarded it for analysis. Upon closer inspection, the email was confirmed to be a sophisticated phishing attempt, part of a broader wave of attacks exploiting GetShared’s credibility to deliver malicious content.
Cybercriminals favor services like GetShared because they often evade traditional email security filters. Most enterprise-grade solutions are designed to block spam, phishing attempts, and malicious attachments at the gateway level. However, notifications from trusted platforms such as Google Calendar, Dropbox, or GetShared are less likely to be flagged, as they originate from legitimate domains. Scammers exploit this trust by embedding malicious links or files within these notifications, bypassing initial defenses.
The phishing email in question employed classic social engineering tactics to lure the recipient into engaging with the content. Accompanying the file link was a message inquiring about pricing for items supposedly detailed in the attachment, complete with questions about delivery timelines and payment methods to create a facade of legitimacy. However, several red flags pointed to its fraudulent nature. The filename “DESIGN LOGO.rar” starkly contrasted with the message’s implication of a product list, raising immediate suspicion. Additionally, the sender’s email domain, visible in the notification, was linked to known scam activities upon a quick online search, further confirming the malicious intent.
Beyond this specific case, the use of third-party services for business communication should itself trigger caution. According to Kaspersky, legitimate business inquiries typically follow standard email correspondence before resorting to external file-sharing platforms. Unsolicited notifications from unfamiliar services often indicate ulterior motives—whether the attachment is flagged as spam by security engines, contains links to phishing sites, or harbors malware disguised as a benign document. In this instance, the shared file was a text document with an absurd request to initiate contact, likely a precursor to further social engineering attempts aimed at extracting sensitive information or deploying malware.
As GetShared gains traction among cybercriminals, organizations must bolster their defenses by educating employees to scrutinize unsolicited file-sharing notifications and verify sender identities. Implementing advanced threat detection systems that analyze the content and context of emails, even from trusted services, is also critical. This incident serves as a stark reminder that even legitimate platforms can become unwitting vectors for cyber threats, underscoring the need for vigilance in an ever-evolving digital threat landscape.
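
As an added illustration (not code from Kaspersky, GetShared or AUMINT.io), the sketch below triages a sharing notification using the red flags described above: an unknown sharer, a sharer domain with scam reports, and a filename that does not match the accompanying message. The relay domain, contact list, reputation list and notification layout are all assumptions, and the sample message is constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions: placeholder relay domain, contact list and reputation list.
SHARING_SERVICES = {"fileshare.example"}      # services whose mail passes the gateway
KNOWN_CONTACTS = {"anna@partner.example"}     # addresses with prior correspondence
REPORTED_DOMAINS = {"unknown-trader.example"} # domains with scam reports
COMMERCE = {"price", "prices", "pricing", "quote", "delivery", "payment", "order"}
LISTING = COMMERCE | {"list", "catalog", "items", "rfq"}

# Constructed sample; the body layout is hypothetical, not the service's real template.
SAMPLE = """\
From: File Share <noreply@fileshare.example>
To: employee@corp.example
Subject: A file was shared with you

buyer@unknown-trader.example shared "DESIGN LOGO.rar" with you.
Message: Please send pricing for the items in the attached list,
with delivery time and payment terms.
"""

def words(text):
    return set(re.findall(r"[a-z]+", text.lower()))

def triage(raw, known=KNOWN_CONTACTS):
    """Return the red flags raised by a file-sharing notification."""
    msg = message_from_string(raw)
    relay = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    if relay not in SHARING_SERVICES:
        return []  # not a sharing notification; ordinary mail controls apply
    body = msg.get_payload()
    m = re.search(r'(\S+@\S+) shared "([^"]+)"', body)
    if not m:
        return ["unparsed-notification"]
    sharer, fname = m.group(1).lower(), m.group(2)
    flags = []
    if sharer not in known:
        flags.append("unsolicited-sharer")
    if sharer.rpartition("@")[2] in REPORTED_DOMAINS:
        flags.append("sharer-domain-reported")
    note = body.partition("Message:")[2]  # the sharer's note only
    # Note asks about prices or delivery, but the filename suggests unrelated content.
    if words(note) & COMMERCE and not words(fname.rsplit(".", 1)[0]) & LISTING:
        flags.append("filename-message-mismatch")
    return flags

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The check keys on the sharer address embedded in the notification body rather than the `From` header, because the header carries the trusted service's own domain.
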
At AUMINT.io, we understand the evolving nature of cyber threats. Our platform offers real-time simulations and training to help organizations identify and address vulnerabilities proactively. By leveraging AI-driven threat detection, we empower businesses to stay ahead of cybercriminals.