Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Data Security

Spoofing, and SaaS Vanity URLs, and Social Engineering... Oh My!

Kilian Englert and Ryan O'Boyle discuss the recent discovery by Varonis researchers of risks in vanity URL validation, and share what to do to prepare your organization for if (or more likely when) a user accidentally discloses credentials.
Kilian Englert
1 min read
Last updated May 25, 2022

Contents

    Security education has helped users spot potential phishing attempts before it is too late, but new research from Varonis Threat Labs shows we can’t always trust our eyes to detect a social engineering attack.

    Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss the recent discovery by Varonis researchers of risks in vanity URL validation, and share what to do to prepare your organization for if (or more likely when) a user accidentally discloses credentials.

    Please visit our blog to read the full research article.

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    threat-update-33-–-s3-security-suggestions-&-cyber-insurance-targets
    Threat Update 33 – S3 Security Suggestions & Cyber Insurance Targets
    threat-update-33-–-s3-security-suggestions-&-cyber-insurance-targets
    Kilian Englert
    April 8, 2021
    Kilian, and Ryan from the Varonis Incident Response Team discuss controls to detect ransomware threats quickly while potentially lowering cyber insurance premiums.
    securityrwd---introduction-to-aws-lambda
    SecurityRWD - Introduction to AWS Lambda
    securityrwd---introduction-to-aws-lambda
    Kilian Englert
    April 12, 2022
    Join Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team as they discuss AWS's serverless computing platform, Lambda. Find out what the Lambda functions allow for, see an everyday example of how it all comes together, and learn why it's so important for organizations to monitor Lambda's behavior within the entire Amazon Web Service ecosystem.
    reconnect---ways-attackers-sidestep-your-endpoints
    ReConnect - Ways Attackers Sidestep Your Endpoints
    reconnect---ways-attackers-sidestep-your-endpoints
    Kilian Englert
    March 22, 2021
    One of the age-old questions in cybersecurity is, “Are my endpoint controls enough?” Spoiler alert, unfortunately not! Kilian and Brian discuss scenarios we’ve seen where sophisticated attack groups deliberately leverage...
    securityrwd---introduction-to-aws-simple-storage-service-(s3)
    SecurityRWD - Introduction to AWS Simple Storage Service (S3)
    securityrwd---introduction-to-aws-simple-storage-service-(s3)
    Kilian Englert
    March 17, 2022
    Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team compare and contrast Amazon Web Services S3 to traditional on-prem storage systems. Listen in as the team discusses how AWS S3 goes beyond basic data storage, and enables programmatic access to apps and services inside and outside the AWS environment.