To steal Office 365 login information from users, criminals used a phishing attack that used real-time validation against an institution’s Active Directory. It was reported that the attack was made against an executive of a financial organisation.
The email, along with the subject line “ACH Debit Report,” used spoofing tactics to try to trick the recipient into thinking that it was an internal final report. An internal email address was not used in the email sent using the j.q.zehfsje.com subdomain.
The phishing email instructed the recipient to open what appeared to be a text file. When the victim opened this file, he came across a fake copy of Microsoft Office 365 service.
Attackers are constantly improving themselves and their attack methods. This fake portal also well-prepared example of a phishing attack. Because even had the recipient’s username pre-entered in the corresponding text field.
When this imposter portal was examined, it was noticed that it was prepared with customizable tools used to create phishing emails. It was also found that they used the Amazon Simple Email Service (amazonses.com) to send phishing emails.
The fake Office 365 page prepared was determined to use the Office 365 APIs in the background in order to perform the Active directory validation of the victim’s credentials in real-time. With this technique, in real-time, attackers were able to get feedback based on the actions of the users.
Teenagemoglen.com hosts the web service behind the phishing credential website. The domain has been registered as of the end of May 2020 with a Singapore domain registrar at Alibaba.com. The website is hosted by UnifiedLayer, a hosting company based India at a datacenter in Provo, Utah, United States. The website appears as hosting copied web pages from another website. No links appear to be active which enable active interaction with a visitor.
More than 150 victims were found that visited the page after the attack took place. With these findings, it was clear that this was a target-oriented phishing attack.
How to prevent the Office 365 phishing attack?
Find a strategy for cybersecurity awareness training that uses entertaining, learning elements to inspire people and organisations to become a cyber-threats defender. Your employees must learn how not to get hacked, which makes them the first line of defence against more sophisticated phishing attacks or email security risks today.
Keepnet Labs phishing awareness training will help people to make better decisions and circumvent phishing threats or other social engineering attacks. When phishing awareness training is combined with phishing simulator, employees will counter the real-life scenarios and recognise and respond to fake emails more quickly.
Also, you can view another blog post “New Outlook Themed Phishing Attack on Banking Sector“.
Want to protect your organisation against Office 365 Phishing Attacks? Use our phishing attack simulator. See our quickstart video below.
“This post is originally published at www.keepnetlabs.com”
Teknoloji Haberleri
- Simsiyah bir köpek, 2,5 yılda nasıl bembeyaz bir köpek haline geldi?Evcil bir köpek, vitilago teşhisi konulmasından sonra 2.5 sene içinde siyah rengini tamamen kaybederek tamamen beyaz renge dönüştü. Köpeğin sahibi ise bu süreci an an fotoğrafladı.
- 10 dakika şarjla 600 kilometre menzil sağlayan yeni pil teknolojisi tanıtıldıÇinli batarya üreticisi CATL, elektrikli otomobillerin pil sorununu tarihe gömmeye aday yeni batarya teknolojisi tanıttı. Bu teknoloji ile üretilecek piller, sadece 10 dakika şarjla 600 kilometre yol almanızı sağlayacak.
- Bilim insanları, bu çukurun dibine ulaşamıyorDünyanın en derin "mavi noktası" olabilecek bir deniz çukurunu keşfeden bilim insanları, çukurunun derinliğinin ne kadar olduğunu tespit edemiyorlar. Peki bu delik nereye gidiyor?
- Apple CEO'su Tim Cook'tan çok iddialı yapay zeka açıklamalarıApple'ın devam eden üretken yapay zeka çalışmaları hakkında yeni bir açıklama yapan CEO Tim Cook, yapay zekanın Apple'ı farklılaştırmaya yardımcı olacağına inandığı bazı avantajlara sahip olacağını öne sürdü.
- Everest Dağı'nın zirvesinde yumurta haşlamak neden imkansızdır?Size garip bir bilgi verelim: Eğer Everest Dağı'nın zirvesindeyseniz ve canınız haşlanmış yumurta çekiyorsa, bu konuda hiç şansınız yok. Peki ama zirvedeyken yumurta haşlamak neden imkansızdır?