Genel

OFFICE 365 PHISHING ATTACK USING REAL-TIME VALIDATION

0 1

To steal Office 365 login information from users, criminals used a phishing attack that used real-time validation against an institution’s Active Directory. It was reported that the attack was made against an executive of a financial organisation.

The email, along with the subject line “ACH Debit Report,” used spoofing tactics to try to trick the recipient into thinking that it was an internal final report. An internal email address was not used in the email sent using the j.q.zehfsje.com subdomain.

The phishing email instructed the recipient to open what appeared to be a text file. When the victim opened this file, he came across a fake copy of Microsoft Office 365 service.

Attackers are constantly improving themselves and their attack methods. This fake portal also well-prepared example of a phishing attack. Because even had the recipient’s username pre-entered in the corresponding text field.

When this imposter portal was examined, it was noticed that it was prepared with customizable tools used to create phishing emails. It was also found that they used the Amazon Simple Email Service (amazonses.com) to send phishing emails.

The fake Office 365 page prepared was determined to use the Office 365 APIs in the background in order to perform the Active directory validation of the victim’s credentials in real-time. With this technique, in real-time, attackers were able to get feedback based on the actions of the users.

Teenagemoglen.com hosts the web service behind the phishing credential website. The domain has been registered as of the end of May 2020 with a Singapore domain registrar at Alibaba.com. The website is hosted by UnifiedLayer, a hosting company based India at a datacenter in Provo, Utah, United States. The website appears as hosting copied web pages from another website. No links appear to be active which enable active interaction with a visitor.

More than 150 victims were found that visited the page after the attack took place. With these findings, it was clear that this was a target-oriented phishing attack.

How to prevent the Office 365 phishing attack?

Find a strategy for cybersecurity awareness training that uses entertaining, learning elements to inspire people and organisations to become a cyber-threats defender. Your employees must learn how not to get hacked, which makes them the first line of defence against more sophisticated phishing attacks or email security risks today.

Keepnet Labs phishing awareness training will help people to make better decisions and circumvent phishing threats or other social engineering attacks. When phishing awareness training is combined with phishing simulator, employees will counter the real-life scenarios and recognise and respond to fake emails more quickly.

Also, you can view another blog post “New Outlook Themed Phishing Attack on Banking Sector“.

Want to protect your organisation against Office 365 Phishing Attacks? Use our phishing attack simulator. See our quickstart video below.

“This post is originally published at www.keepnetlabs.com”

RSS Teknoloji Haberleri

  • Daha iyi bir Windows için PowerToys ve PC Manager
    Windows’ta günlük deneyiminizi geliştirecek araçlar mı arıyorsunuz? Microsoft PowerToys ve PC Manager, farklı ihtiyaçlara yönelik çözümler sunarak bilgisayar kullanımını daha verimli ve keyifli hale getiriyor.
  • Yine aynı sorun: iOS 18.4, iPhone pillerini "sömürüyor" mu?
    Apple'ın yeni iOS 18.4 güncellemesi indiren kullanıcılar, iPhone'larının pilinin ışık hızıyla tükendiğinden şikayet etmeye başladı. Peki ama bu pil sorunun sebebi ne? Bu sorundan etkilendiyseniz ne yapmalısınız?
  • Windows 11 kurulumunda işler değişiyor: Tek açık kapı da kapanacak mı?
    Microsoft artık Windows 11'i yüklerken internete bağlanmanız konusunda daha da ısrarcı olacak. Böylece, Microsoft hesabı olmadan Windows 11 kurup kullanma çağı da sona eriyor.
  • vivo V50 Lite İnceleme
    vivo’nun yeni orta segment telefonu V50 Lite, 4 yıl garanti verdiği 6500 mAh’lih pili, şık ve ince formu, yüksek çözünürlüklü ve yansıma yapmayan ekranıyla tüketicilerin kalbini çalmaya aday. Uygun fiyatlı olarak sürülen bu model, fiyatının üzerinde bir performans da vadediyor.
  • Samsung Galaxy Watch'larda can sıkan sorun
    Samsung’un popüler akıllı saat modelleri Galaxy Watch 7 ve Ultra, rastgele bağlantı kesintileri ve yeniden kurulum gerektiren sıfırlama sorunlarıyla kullanıcıları zor durumda bırakıyor.