Security News > 2020 > January > Office 365 users: Beware of phishing emails pointing to Office Sway
The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that's part of Microsoft Office.
"The Sway page will include trusted brand names. Most commonly, the spoofed brands are Microsoft-affiliated, just like the SharePoint logo shown in the example above," Avanan explained.
If the recipient is logged into an Office account, Sway pages appear wrapped in Office 365 styling with accompanying menus, making the page even more convincing.
"Attackers can turn Microsoft Sway into most any site they like, causing both Outlook and even the most savvy recipients to trust sway.com links," the company pointed out, and noted that because the attackers are using multiple senders and domains, blacklisting them won't work.
"Instead, we've seen many clients blacklist sway.office.com in their web filters. Unless your organization actively uses Sway, you should consider blocking Sway links," they advised.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/6AKmXwlC_y8/
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Beware: PayPal "New Address" feature abused to send phishing emails (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Coinbase phishing email tricks users with fake wallet migration (source)
- Why it's time for phishing prevention to move beyond email (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)