Sophisticated Phishing Attack Uses Random UUIDs to Bypass Email Security

New phishing campaign uses UUIDs to bypass email security, creating fake login pages that mimic company branding.

By Content Team

Oct 26, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals have developed a new phishing campaign that uses randomly generated Universal Unique Identifiers (UUIDs) to slip past Secure Email Gateways undetected. Discovered by Cofense researchers in February 2025, the attack hides malicious JavaScript in fake file-sharing documents from platforms like OneDrive and DocuSign.

When victims click these documents, the script randomly selects from nine bulk-generated .org domains and creates unique UUIDs to track each target. Instead of typical redirects that change URLs, it uses sophisticated DOM manipulation to replace webpage content in real-time, creating personalized login pages that match the victim's company branding.

This server-driven approach makes the phishing pages look incredibly legitimate, significantly increasing the chances victims will enter their credentials.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Single Hacker Behind Dozens of Major Corporate Data Breaches

Jan 6, 2026

Hightower Financial Services Hit by Data Breach Affecting 131,000 People

Mar 27, 2026

CISA Flags Critical TrueConf Vulnerability Under Active Attack

Apr 6, 2026

CISA Issues Urgent Warning Over Actively Exploited Langflow AI Platform Vulnerability

Mar 28, 2026