Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Microsoft Warns of Widespread Open Redirects Phishing Attacks
#1
Quote:Microsoft's cybersecurity experts discovered an ingenious phishing technique involving fake CAPTCHA checking

Microsoft issued a warning about a huge phishing campaign that uses open email links to steal credentials, according to The Hacker News.

An old idiom advises us to work smart, not hard and nobody applies it better than modern hackers. Using something as common as URLs, threat actors manage to trick numerous users into introducing sensitive information that could grant access to an organization's network, steal credit card information or personal data that can be used for blackmailing. Nowadays, some manage to perfect their campaigns to the point where they are not even detected by advanced and up-to-date anti-malware solutions.

Microsoft 365 Defender Threat Intelligence Team explained in a report "Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking," [...] "Doing so leads to a series of redirections — including a CAPTCHA verification page that adds a sense of legitimacy and attempts to evade some automated analysis systems — before taking the user to a fake sign-in page. This ultimately leads to credential compromise, which opens the user and their organization to other attacks".

Microsoft found more than 350 phishing domains

Microsoft detected at least 350 different phishing scams in a recent campaign that illustrate the effective use of persuasive social engineering decoys. In most cases, the links pretend to be notifications from programs like Office 365 and Zoom, both commonly used in the organizational environment. The redirect URLs are encoded in the message, whereas the email addresses can be on behalf of online stores, clubs or anything else with an online presence.

The malicious landing page uses Google's reCAPTCHA to reject any dynamic scan attempt to validate the attack. Once the CAPTCHA check is complete, victims are presented with a fake login page that mimics a well-known provider, usually Microsoft Office 365, where they capture the usernames and passwords.

SOURCE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  VMware warns of critical vRealize flaw exploited in attacks mrtrout 0 568 06-21-2023 , 02:00 AM
Last Post: mrtrout
  Russian hackers linked to widespread attacks targeting NATO and EU mrtrout 0 1,363 04-15-2023 , 07:54 PM
Last Post: mrtrout
  ASUS warns of Cyclops Blink malware attacks targeting routers tarekma7 0 2,074 03-19-2022 , 02:40 PM
Last Post: tarekma7
  Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation mrtrout 0 736 09-23-2021 , 08:09 PM
Last Post: mrtrout
  New Zealand suffers a widespread Internet outage mrtrout 0 764 09-07-2021 , 07:36 AM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)