Security News > 2020 > June > Microsoft 365 phishing campaign exploits Samsung, Adobe, and Oxford University
In a blog post published Thursday, Check Point described the method in which attackers exploited one of Oxford University's mail servers to send the initial email, abused an Adobe Campaign redirection tool, and then used a Samsung domain to take users to a Microsoft Office 365-themed phishing website.
Most of the emails observed came from multiple addresses that belonged to legitimate subdomains from different departments at the University of Oxford.
The sent email itself claims to offer missed voice mail related to the recipient's Office 365 account with references to Office 365 and Microsoft and even a phony "Message from Trusted server" notice at the top.
Offered by Adobe to email marketers, Adobe Campaign has been exploited in other phishing attempts to add legitimacy to URLs used in malicious messages.
In this instance, the link in the email directs people to an Adobe server used by Samsung during a 2018 Cyber Monday marketing campaign.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Russian phishing campaigns exploit Signal's device-linking feature (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
- New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads (source)
- Microsoft isn't fixing 8-year-old shortcut exploit abused for spying (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)