In this article, we are going to provide some information about the new outlook phishing attack targeting some employees working in the banking sector from Keepnet customers.
1-What is the new outlook phishing attack? How does it work?
Recently the attackers have planned to penetrate companies by sending a phishing email to the employees of banking institutions. The subject of the emails was ‘Your password expires today. To keep using your current password, click for the update. ‘ Through these emails, attackers have aimed to seize the login information of the email accounts.
Figure 1. The New Phishing Outlook Attack
When employees have clicked on the link in this email that has been sent (https://form.jotform.com/202433277464051), they are redirected to a fake Outlook Web Application. Employees, who have submitted their information into this fake website intending to update their password have taken an error message as soon as their login credentials.
Figure 2.The fake website that looks like the original outlook web application
However, in the background, all the login credentials have been taken over by the attackers. As a consequence of complaints received, the Keepnetlabs team have detected the fraud and the attackers have failed to pursue what they aimed for through their fake websites.
Should these criminals have been successful, they would not only penetrate into the systems but also they would make money selling this stolen data on the black market.
2-Which institutions have been targeted by this new outlook phishing attack?
One may assume that the phishing attacks target personal data, passwords, bank account information, etc., yet attackers aim to use this information to make money and then get a ransom through the leaked data. In this attack, the attackers, who have the same purpose, targeted some employees of Keepnet customers who work in the banking sector.
3-How to Stop the New Outlook Phishing attack?
- Always monitor and learn the evolution of phishing techniques
With each passing day, attackers create new fake websites that look like the real one. Follow the cybersecurity newsletter we publish weekly to stay up to date about evolving online threats.
- Do not share your personal information
Do not send any personal information in response to an email sent to you.
- Make sure the email content is not fake.
Except for the phishing attacks after a data leak, attackers use a generic language such as ”Dear Subscriber” or ”Dear Client” instead of emails containing users’ names.
- Pay attention to the sender’s address.
Carefully review the email sender address, beware that it could be an expertly disguised fake address. Attackers make great efforts to “phish” users with similar characters or deliberate typos in domain names.
- Try Phishing Simulation
Keepnet Labs Phishing Simulator sends benign emails to your employees against phishing attacks. It monitors your employees’ actions and reports them to you, allowing you to safely test them.
- Be one step ahead against cyber attacks with cybersecurity awareness training.
Keepnet Labs hosts more than 200 training in its cybersecurity training library. These trainings are in 8 different languages and consist of learning with games, video, micro-video, HTML5 and other interactive contents. With free security awareness training, it is much easier to turn into cyber agents that recognize and report cyber attacks.
This blog had been published at www.keepnetlabs.com.
