Security News > 2020 > June > Phishing Campaign Targeting Office 365, Exploits Brand Names
Researchers have discovered a sophisticated new phishing campaign that uses recognized brand names to bypass security filters as well as to trick victims into giving up Microsoft Office 365 credentials to gain access to corporate networks.
A new report from Check Point Software first observed the attacks-the majority of which targeted European companies, with others seen in Asia and the Middle East-in April, when they discovered emails sent to victims titled "Office 365 Voice Mail.".
The emails tried to lure victims into clicking on a button that would take them to their Office 365 account to retrieve a voice message that was waiting in their voice portal, they said.
If victims took the bait, they were redirected to what appeared to be the Office 365 login page but what was actually a phishing page, researchers said.
At first the attacks seemed to be "Classic Office 365 phishing campaign," Check Point manager of threat intelligence Lotem Finkelsteen said in the report.
News URL
https://threatpost.com/phishing-campaign-targeting-office-365-exploits-brand-names/156698/