Cyber security news for all

More

    Microsoft Office 365 users: targets of phishing mail.

    Since the pandemic, the usage of VPNs has increased intensely. The recent VPN phishing campaigns are so productive because employees who work from home depend on VPNs to connect with their company servers, and access sensitive data remotely.

    According to a blog post by Abnormal security, an email security company,  “numerous versions of these attacks have been seen across different clients, from different sender emails and originating from different IP addresses. However, the same payload link was employed by all of these attacks, implying that a single attacker that controls the phishing website sent it.” Also, as much as 15,000 targets have received these phishing emails.

    Security experts indicated that these campaigns are to masquerade as legitimate messages informing workers about their VPN configuration update. They are sent to unsuspecting users claiming to be from the organization’s IT support department.

    Office 365 Credentials

    To achieve effective results, the design of the phishing campaigns are in a convincingly, elaborate manner.

    Their landing page mimics the original Microsoft Office 365 login pages and even displays a secure padlock; since they are using a web.core.windows.net wildcard SSL certificate. This is achieved via misapplication of Azure Blob Storage platform.

    They also go as far as customizing the sender address in their phishing emails to resemble the target companies’ domain. Thereby prompting users to open the email.

    The VPN configuration embedded in the email redirects users to a phishing landing page; a mimic of Microsoft Office 365 pages. Once logged in, they steal the users’ login details.

    With all these carefully calculated steps, users do not hesitate to log in with their details.

    Users are encouraged to take security measures by only logging In their Office 365 details in certified Microsoft pages on microsoft.com, outlook.com or live.com domains.

    Recent Articles

    Russian Cybercriminal Behind “Cardplanet” Site Sentenced

    According to the United States Department of Justice, a Russian cybercriminal, Aleksey Burkov, 30—who operated Cardplanet site: a site that trafficked stolen card details—has...

    Hackers Used Malicious Docker Images to Mine Monero

    Researchers found malicious images on Docker Hub used for crypto mining. Palo Alto Networks' Unit  42, unraveled a crypto mining scheme which uses malicious Docker...

    NSA outlines requirements for secure collaboration services for US government telework

    The new National Security Agency (NSA) guidelines are a window of security for users. Everyone has been trying to return to their lives since...

    Cybercriminals threaten to sell off “scandalous” files swiped from Mariah Carey, Nicki Minaj, Puff Daddy’s legal eagles

    There's no escaping these cybercriminals. In a recent case of "cyber-extortion," threat actors known as REvil, are threatening to expose celebrity "dirt." These threat actors...

    Twitter apologises for exposed customers data

    In what is described as a "data security incident," sensitive details of Twitter's customers were exposed. Unlike other cases of a breach which are...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox