Cyber security news for all

More

    Fake Microsoft Teams’ Notifications Targeted To Steal Workers Passwords

    Fake Microsoft teams’ notification is a new phishing campaign launch to steal workers’ login details by imitating notifications from Microsoft teams. This is due to the recent COVID-19 Virus attack which made several companies operate remotely full time. Thereby giving way for hackers to have a field day.

    Fake Microsoft teams’ notifications

    Hackers are using fake emails that look like automated notification emails from Microsoft teams. When once a victim clicks on the emails, the victim will land on the imitated WebPages of Microsoft teams. Abnormal security noticed this campaign in which researchers found out that the sender email came from a recently registered domain. The domain is sharepointonline-irs.com, which has nothing to do with either IRS or Microsoft.

    What these dubious attackers do is to use various URL redirections to avoid malicious link detection by hiding the real URL they use for attacking. The two outstanding ways that hackers used to steal employee login details according to researchers are:

    1        one way is that email has a link to a document that includes an image  which will instruct receivers to login with Microsoft team ,when image is clicked then one is taken to the fake Microsoft fake Microsoft login page.

    2         Another one is a YouTube link that will be redirected to multiple times and gets to a final webpage that looks like Microsoft login page.

    With this, a recipient that falls a victim will get his or her login details compromised. And the attackers will have free access to the Microsoft office 356 services. These hackers’ targets approximately 50,000 workers login details to steal.

    The unfortunate thing is that this lockdown has brought more attackers to steal corporate resources. This is due to the influx of remote traffic as people must now work from home.

     

    Recent Articles

    Cyber threats become more dangerous to secure the digitization

    The pandemic has provided a boost to digital world. But now it is important to secure it. Examples of developments in the pandemic are...

    Sopra Steria was encrypted with Ryuk ransomware

    Last week, there was a successful ransomware on the servers of the French provider Sopra Steria. In an extremely brief statement, the company only...

    Emotet takes unusual approaches and loads new malware

    Even those who are not concerned with the security have mostly heard of Emotet. The malware has been up to mischief for several years,...

    Cyber criminals could exploit the Oracle network

    The software manufacturer Oracle network only holds its updates every three months. Oracle speaks of security gaps - Due to the extensive product range...

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox