Cybercriminals Use GetShared to Sneak Malware Through Enterprise Shields

Cybercriminals are increasingly leveraging legitimate file-sharing platforms like GetShared to bypass enterprise email security systems.

A recent case involving a former colleague, previously employed at Kaspersky, highlights this emerging threat.

The individual received an authentic-looking email notification from GetShared, a genuine service for transferring large files, claiming that a file named “DESIGN LOGO.rar” had been shared with them.

Suspicious of the unsolicited message, they refrained from clicking the link and forwarded it for analysis.

Upon closer inspection, the email was confirmed to be a sophisticated phishing attempt, part of a broader wave of attacks exploiting GetShared’s credibility to deliver malicious content.

Exploiting Legitimate Services for Malicious Intent

Cybercriminals favor services like GetShared because they often evade traditional email security filters.

Most enterprise-grade solutions are designed to block spam, phishing attempts, and malicious attachments at the gateway level.

However, notifications from trusted platforms such as Google Calendar, Dropbox, or ...