Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departments
2021-03-18 15:10

A sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries.

The threat actors are leveraging phishing kits and a number of sophisticated methods at every step of the attack.

"In some cases, the attackers were even more stealthy by prefetching the localized Office 365 sign-in," the researchers explained.

"If the victim entered their email address, the attacker would verify it was a valid Office 365 address. In instances where the entered email address used Conditional Access, a different single sign-on, Active Directory Federation Services, etc., the phishing kit would essentially break and the victim would simply be redirected to the legitimate sign-in experience."

The campaign targeted only select individuals at each company - C-level executives, their assistants, and employees in the financial department - and several things point to the threat actors being interested in a specific predetermined target list.

Among the targets were also newly-selected CEOs, and the attackers obviously hoped to catch them off guard during the transition period.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/CS0a50SXLjI/