Security News > 2020 > December > Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails
The attackers behind the attack leveraged hundreds of compromised, legitimate email accounts in order to target organizations with emails, which pretended to be document delivery notifications.
In reality, the phishing attack stole victims' Office 365 credentials.
Microsoft Office 365 users have faced several sophisticated phishing attacks and scams over the past few months.
In reality, the attack aimed to steal Office 365 recipients' login credentials.
Finally, earlier this month, a spearphishing attack spoofed Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers.
News URL
https://threatpost.com/microsoft-office-365-credentials-attack-fax/162232/
Related news
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- Microsoft launches ad-supported Office apps for Windows users (source)
- Microsoft tests ad-supported Office apps for Windows users (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- How New AI Agents Will Transform Credential Stuffing Attacks (source)
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)