Security News > 2020 > June > Microsoft 365 phishing campaign exploits Samsung, Adobe, and Oxford University

In a blog post published Thursday, Check Point described the method in which attackers exploited one of Oxford University's mail servers to send the initial email, abused an Adobe Campaign redirection tool, and then used a Samsung domain to take users to a Microsoft Office 365-themed phishing website.
Most of the emails observed came from multiple addresses that belonged to legitimate subdomains from different departments at the University of Oxford.
The sent email itself claims to offer missed voice mail related to the recipient's Office 365 account with references to Office 365 and Microsoft and even a phony "Message from Trusted server" notice at the top.
Offered by Adobe to email marketers, Adobe Campaign has been exploited in other phishing attempts to add legitimacy to URLs used in malicious messages.
In this instance, the link in the email directs people to an Adobe server used by Samsung during a 2018 Cyber Monday marketing campaign.
News URL
Related news
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
- New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads (source)
- Microsoft isn't fixing 8-year-old shortcut exploit abused for spying (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Tycoon2FA phishing kit targets Microsoft 365 with new tricks (source)
- Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)