Security News > 2021 > February > 10K Microsoft Email Users Hit in FedEx Phishing Attack
Researchers are warning of recent phishing attacks targeting at least 10,000 Microsoft email users, pretending to be from popular mail couriers - including FedEx and DHL Express.
Both scams have targeted Microsoft email users and aim to swipe their work email account credentials.
"The email titles, sender names and content did enough to mask their true intention and make victims think the emails were really from FedEx and DHL Express respectively," said researchers with Armorblox on Tuesday.
"Emails informing us of FedEx scanned documents or missed DHL deliveries are not out of the ordinary; most users will tend to take quick action on these emails instead of studying them in detail for any inconsistencies."
The phishing email spoofing American multinational delivery services company FedEx was entitled, "You have a new FedEx sent to you," with a date that the email was sent.
"The email field in the login box was pre-filled with the victim's work email," said researchers.
News URL
https://threatpost.com/microsoft-fedex-phishing-attack/164143/
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- New Rockstar 2FA phishing service targets Microsoft 365 accounts (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)