Security News > 2020 > September > Attackers Steal Outlook Credentials Via Overlay Screens on Legitimate Sites

Attackers are on the prowl for enterprise Microsoft Outlook credentials, with a new phishing campaign that leverages email-quarantine policies and uses an overlay screen tactic - on top of legitimate company webpages - to lure in victims.

The initial email said, the company's email system "Failed to process new messages in the inbox folder," and "Two valid email messages have been held and quarantined for deletion." It asked the target to review the messages and recover their lost mail in the inbox folder - or they will be automatically deleted after three days.

While the company webpage is legitimate, researchers found that attackers had added on an overlay screen with the credential request.

Researchers told Threatpost that the use of the overlay screen increases the appearance of legitimacy, because the target is able to view and interact with their company webpage.

This past week, Turkish-speaking cybercriminals sent Instagram users seemingly legitimate messages from the social media company, with the aim of stealing their Instagram and email credentials.

News URL

https://threatpost.com/attackers-steal-outlook-credentials-overlay-screens/158969/