Security News > 2020 > December > Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails
The attackers behind the attack leveraged hundreds of compromised, legitimate email accounts in order to target organizations with emails, which pretended to be document delivery notifications.
In reality, the phishing attack stole victims' Office 365 credentials.
Microsoft Office 365 users have faced several sophisticated phishing attacks and scams over the past few months.
In reality, the attack aimed to steal Office 365 recipients' login credentials.
Finally, earlier this month, a spearphishing attack spoofed Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers.
News URL
https://threatpost.com/microsoft-office-365-credentials-attack-fax/162232/
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Microsoft fixes bug behind random Office 365 deactivation errors (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Gang gobbles 15K credentials from cloud and email providers' garbage Git configs (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft 365 Admin portal abused to send sextortion emails (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)