Office 365 Phishing Attack Targets Financial Execs
A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise attacks, according to a new report from Area 1 Security.
These new, sophisticated attacks are aimed at C-suite executives, their assistants and financial departments, and can work around email security and Office 365 defenses.
"In some cases, the attackers were even more stealthy by prefetching the localized Office 365 sign-in," Area 1 said.
"If the victim entered their email address, the attacker would verify it was a valid Office 365 address. In instances where the entered email address used Conditional Access, a different single sign-on, Active Directory Federation Services, etc., the phishing kit would essentially break and the victim would simply be redirected to the legitimate sign-in experience."
What is not new is the use of Microsoft-related lures, including Office 365 and Teams, in BEC attacks.
"SaaS platforms like Office 365 are a safe haven for attacker lateral movement, making it paramount to focus on user access to accounts and services," Chris Morales with Vectra told Threatpost.
News URL
https://threatpost.com/office-365-phishing-attack-financial-execs/164925/