Security News > 2021 > March > Office 365 Phishing Attack Targets Financial Execs
A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise attacks, according to a new report from Area 1 Security.
These new, sophisticated attacks are aimed at C-suite executives, their assistants and financial departments, and can work around email security and Office 365 defenses.
"In some cases, the attackers were even more stealthy by prefetching the localized Office 365 sign-in," Area 1 said.
"If the victim entered their email address, the attacker would verify it was a valid Office 365 address. In instances where the entered email address used Conditional Access, a different single sign-on, Active Directory Federation Services, etc., the phishing kit would essentially break and the victim would simply be redirected to the legitimate sign-in experience."
What is not new is the use of Microsoft-related lures, including Office 365 and Teams in BEC attacks.
"SaaS platforms like Office 365 are a safe haven for attacker lateral movement, making it paramount to focus on user access to accounts and services," Chris Morales with Vectra told Threatpost.
News URL
https://threatpost.com/office-365-phishing-attack-financial-execs/164925/
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)