Microsoft Office 365 still the top target among phishing attacks

Most of the recent credential phishing attacks seen by Menlo Security served phony Outlook and Office 365 login pages.
In its report, the Menlo Labs team said it discovered a rise in credential phishing attacks over the past month.
The firm said it also found credential phishing attacks spoofing cryptocurrency wallets and popular software services from countries like South Korea.
The bulk of credential phishing attacks observed by Menlo Labs were trying to hoodwink users with phony login pages for Outlook and Office 365.
Another tactic seen in Office 365-related phishing campaigns appended the recipient's email address to the URL. In this instance, the path for the phishing page gets generated dynamically, while the user's email address is automatically filled in.
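A defender-side check for the pattern described above, as an added example that is not from the Menlo report or the original article: it flags links whose path, query or fragment carries the recipient's own address. The base64 handling goes beyond what the article describes and is an assumption about how such links may be encoded; all names, addresses and URLs are constructed.

```python
import base64
import binascii
import re
from urllib.parse import unquote, urlsplit

# Runs of base64url characters long enough to hold an encoded address.
_B64_RUN = re.compile(r"[A-Za-z0-9_-]{8,}")


def _decoded_runs(text):
    """Yield decodings of base64-looking runs, trying all four alignments."""
    for run in _B64_RUN.findall(text):
        for offset in range(4):
            body = run[offset:]
            try:
                raw = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
            except (binascii.Error, ValueError):
                continue
            yield raw.decode("utf-8", errors="ignore")


def recipient_in_url(url, recipient):
    """Return "<part>:<encoding>" where the address appears, else None."""
    # The host is skipped so links to the recipient's own domain do not match.
    needle = recipient.strip().lower()
    parts = urlsplit(url)
    for name, value in (("path", parts.path), ("query", parts.query),
                        ("fragment", parts.fragment)):
        value = unquote(value)
        if needle in value.lower():
            return f"{name}:plain"
        if any(needle in d.lower() for d in _decoded_runs(value)):
            return f"{name}:base64"
    return None


# Constructed sample: one recipient and links as extracted from a message.
RECIPIENT = "j.doe@corp.example"
ENCODED = base64.urlsafe_b64encode(RECIPIENT.encode()).decode().rstrip("=")
SAMPLE_LINKS = [
    "https://login.phish.example/o365/#j.doe@corp.example",
    "https://login.phish.example/auth?e=j.doe%40corp.example",
    "https://login.phish.example/x/" + ENCODED,
    "https://corp.example/intranet/news",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(recipient_in_url(link, RECIPIENT), link)
```

A hit is a signal to weigh with others, since legitimate unsubscribe and tracking links also embed the recipient's address.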
"With free services like Let's Encrypt, it is becoming increasingly easier for attackers to host phishing sites behind SSL with a relatively short TTL for maximum hit rate. Increasing cybersecurity awareness through training and education initiatives is often helpful in reducing the impact of credential phishing attacks, but corporate users should be cautious when a site presents a form that asks for personal/sensitive information."