Security News > 2021 > February > 10K Microsoft Email Users Hit in FedEx Phishing Attack
![10K Microsoft Email Users Hit in FedEx Phishing Attack](/static/build/img/news/10k-microsoft-email-users-hit-in-fedex-phishing-attack-medium.jpg)
Researchers are warning of recent phishing attacks targeting at least 10,000 Microsoft email users, pretending to be from popular mail couriers - including FedEx and DHL Express.
Both scams have targeted Microsoft email users and aim to swipe their work email account credentials.
"The email titles, sender names and content did enough to mask their true intention and make victims think the emails were really from FedEx and DHL Express respectively," said researchers with Armorblox on Tuesday.
"Emails informing us of FedEx scanned documents or missed DHL deliveries are not out of the ordinary; most users will tend to take quick action on these emails instead of studying them in detail for any inconsistencies."
The phishing email spoofing American multinational delivery services company FedEx was entitled, "You have a new FedEx sent to you," with a date that the email was sent.
"The email field in the login box was pre-filled with the victim's work email," said researchers.
News URL
https://threatpost.com/microsoft-fedex-phishing-attack/164143/
Related news
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- Microsoft fixes a bug abused in QakBot attacks plus a second under exploit (source)
- Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks (source)
- Microsoft shares temp fix for Outlook encrypted email reply issues (source)
- FlyingYeti phishing crew grounded after abominable Ukraine attacks (source)
- Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices (source)
- More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack (source)
- Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals (source)
- Phishing emails abuse Windows search protocol to push malicious scripts (source)
- ONNX phishing service targets Microsoft 365 accounts at financial firms (source)