To steal Office 365 login information from users, criminals used a phishing attack that used real-time validation against an institution’s Active Directory. It was reported that the attack was made against an executive of a financial organisation.
The email, along with the subject line “ACH Debit Report,” used spoofing tactics to try to trick the recipient into thinking that it was an internal final report. An internal email address was not used in the email sent using the j.q.zehfsje.com subdomain.
The phishing email instructed the recipient to open what appeared to be a text file. When the victim opened this file, he came across a fake copy of Microsoft Office 365 service.
Attackers are constantly improving themselves and their attack methods. This fake portal also well-prepared example of a phishing attack. Because even had the recipient’s username pre-entered in the corresponding text field.
When this imposter portal was examined, it was noticed that it was prepared with customizable tools used to create phishing emails. It was also found that they used the Amazon Simple Email Service (amazonses.com) to send phishing emails.
The fake Office 365 page prepared was determined to use the Office 365 APIs in the background in order to perform the Active directory validation of the victim’s credentials in real-time. With this technique, in real-time, attackers were able to get feedback based on the actions of the users.
Teenagemoglen.com hosts the web service behind the phishing credential website. The domain has been registered as of the end of May 2020 with a Singapore domain registrar at Alibaba.com. The website is hosted by UnifiedLayer, a hosting company based India at a datacenter in Provo, Utah, United States. The website appears as hosting copied web pages from another website. No links appear to be active which enable active interaction with a visitor.
More than 150 victims were found that visited the page after the attack took place. With these findings, it was clear that this was a target-oriented phishing attack.
How to prevent the Office 365 phishing attack?
Find a strategy for cybersecurity awareness training that uses entertaining, learning elements to inspire people and organisations to become a cyber-threats defender. Your employees must learn how not to get hacked, which makes them the first line of defence against more sophisticated phishing attacks or email security risks today.
Keepnet Labs phishing awareness training will help people to make better decisions and circumvent phishing threats or other social engineering attacks. When phishing awareness training is combined with phishing simulator, employees will counter the real-life scenarios and recognise and respond to fake emails more quickly.
Also, you can view another blog post “New Outlook Themed Phishing Attack on Banking Sector“.
Want to protect your organisation against Office 365 Phishing Attacks? Use our phishing attack simulator. See our quickstart video below.
“This post is originally published at www.keepnetlabs.com”
Teknoloji Haberleri
- Tesla'dan çok tartışılacak bir karar daha: Otonom taksi filosu geliyorX'in, elektrikli otomobillerin, yeraltı tünellerinin, kripto paraların, uzayın, Mars'ın, galaksilerin, nebulaların fatihi Elon Musk şimdi de "taksiciliğe" başlıyor...
- SteelSeries Alias Pro İncelemeSteelSeries kendisi için bir ilke imza atarak Alias Pro ile mikrofon pazarına iddialı bir giriş yapıyor. Alias Pro, yanında gelen yayın mikseriyle beraber kurulumlarınızı bir üst seviyeye taşımak için ihtiyacınız olan her şeyi sunuyor. İşte tüm detaylarıyla SteelSeries Alias Pro İncelemesi!
- Qualcomm'dan Windows için bir işlemci daha: Snapdragon X Plus tanıtıldıQualcomm, Snapdragon X Elite'in hemen altında yer alacak, daha az çekirdek sayısına sahip Snapdragon X Plus'ı tanıttı. Peki yeni işlemcini bizlere neler sunuyor?
- Bilgisayarınız yapay zeka desteğine sahip mi? İşte bunu anlamanın yoluYeni bir bilgisayar aldınız, ancak bir "AI PC" veya yapay zeka özellikli olup olmadığını bilmiyorsunuz... Bunun öğrenmenin kolay bir yolu var.
- WhatsApp’tan bir sürpriz daha: Numara çevirici geliyorYeni bir sızıntı, WhatsApp’a bir numara çevirici ekleneceğini gösteriyor. Peki bu çevirici ne işimize yarayabilir?