Security News > 2021 > August > Chipotle Emails Serve Up Phishing Lures
Customers who signed up for emails from fast-food chain Chipotle Mexican Grill were recently faced with bigger challenges than queso versus sour cream.
The Inky report, posted Friday, found 121 phishing emails sent from the compromised Chipotle Mailgun account sent between July 13 and July 16.
Those attacks included two vishing attacks, 14 impersonated USAA bank to harvest financial data and the remaining 105 emails attempted to redirect users to a spoofed Microsoft site that attempted to steal credentials.
The attacks leveraging Chipotle's breached Mailgun account are similar to Nobelium's attack on email marketing service in May 2021.
45 percent of all phishing attacks in 2020 were aimed at swiping Microsoft credentials, according to a report released early this year by Cofense.
Microsoft continues to be a prime target for phishing attacks because the credentials are highly valuable, Inky explained.
News URL
https://threatpost.com/chipotle-serves-up-lures/168279/
Related news
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)