Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Microsoft Office 365 Admins Targeted by Ongoing Phishing Campaign
#1
[Image: Microsoft_account_phishing.jpg]

Quote:A new phishing campaign is actively targeting Microsoft Office 365 administrators with the end goal of compromising their entire domain and using newly created accounts on the domain to deliver future phishing emails.

The attackers use phishing emails designed to look like they are coming from Microsoft, with the Office 365 logo shown at the top, and delivered using "validated domains" "from a legitimate organization’s Office 365 infrastructure" as PhishLabs found.

They also use "Services admin center" as the sender name for the phishing messages delivered through this ongoing campaign as an attempt to spoof the legitimate Microsoft 365 admin center support team, and "Action Required" or "We placed a hold on your account" subjects to persuade their targets to act first and think later.


With the help of this tactic, the threat actors take advantage of a common email filtering solution feature that uses the sender domain's reputation to decide if an email should be blocked or not.

"Well established domains with a track record of sending benign messages are less likely to be quickly blocked by these systems," PhishLabs says. "This increases the deliverability and efficiency of phishing lures."

[Image: Phishing%20email%20sample.png]

Continue reading HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  GitHub besieged by millions of malicious repositories in ongoing attack mrtrout 0 931 02-29-2024 , 06:16 AM
Last Post: mrtrout
  Over 640 Citrix servers backdoored with web shells in ongoing attacks mrtrout 0 946 08-03-2023 , 07:56 PM
Last Post: mrtrout
  Eugene Kaspersky Targeted attack on our management with the Triangulation Trojan. mrtrout 0 674 06-02-2023 , 03:59 AM
Last Post: mrtrout
  Over 10 Million Facebook Users Hacked in Ongoing Phishing Scam mrtrout 2 1,459 05-29-2023 , 03:41 PM
Last Post: Kai Brooks
  Kaspersky’s Advanced Targeted Threat Predictions For 2022 mrtrout 0 963 11-16-2021 , 02:55 AM
Last Post: mrtrout



Users browsing this thread: 3 Guest(s)