1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft 365 users targeted by major phishing campaign

    From TechnologyDaily@1337:1/100 to All on Thu Aug 10 13:45:04 2023
    Microsoft 365 users targeted by major phishing campaign

    Date:
    Thu, 10 Aug 2023 13:33:49 +0000

    Description:
    Someone's going after Microsoft 365 accounts belonging to C-level execs.

    FULL STORY ======================================================================

    Someone is targeting high-profile individuals such as C-level executives with super-tailored phishing emails, cybersecurity researchers from Proofpoint
    have claimed.

    The company says it has recently unovered a major campaign whose goal is to steal Microsoft 365 accounts leveraging a known phishing-as-a-service
    provider known as EvilProxy.

    This tool costs around $400 a month and was used to send some 120,000
    phishing emails to more than a hundred organizations in the past couple of months. In this particular campaign, the threat actors are stealing login credentials and multi-factor authentication (MFA) codes by redirecting the users multiple times until they land on the specially crafted, malicious landing page. That not only allows them to steal the needed information, but also to evade detection. Turkish threat actors?

    "In order to hide the user email from automatic scanning tools, the attackers employed special encoding of the user email, and used legitimate websites
    that have been hacked, to upload their PHP code to decode the email address
    of a particular user," Proofpoint said in its writeup.

    "After decoding the email address, the user was forwarded to the final
    website the actual phishing page, tailor-made just for that targets organization."

    The researchers also speculate that the attackers are from Turkey, because users with Turkish IP addresses are redirected to the legitimate site immediately and the entire operation gets called off. Read more

    Some of Google's new domain names could pose a serious security risk


    These dangerous phishing attacks are more common than ever - here's what
    you need to know


    Here's our list of the best ID theft protection software

    The researchers also determined that the entire operation was very precise. Targets that were lower in an organizations hierarchy were ignored, or de-prioritized. Instead, high-position individuals, VIP targets, were more attractive. Almost two in five (39%) of the breached accounts were C-Suite, almost a tenth (9%) were CEOs and vice presidents, and almost a fifth (17%) were CFOs.

    The rest were not executives, but still individuals with access to sensitive information, or financial assets.

    The only way to defend against these attacks is to make sure the targets dont fall for the trap and click on the link, or download the attachment, sent in these emails. FIDO-based physical keys can also help, the researchers concluded. These are the best firewalls to keep your business safe

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/pro/microsoft-365-users-targeted-by-major-phishing-c ampaign


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)