Security News > 2021 > August > Chipotle Emails Serve Up Phishing Lures
Customers who signed up for emails from fast-food chain Chipotle Mexican Grill were recently faced with bigger challenges than queso versus sour cream.
The Inky report, posted Friday, found 121 phishing emails sent from the compromised Chipotle Mailgun account sent between July 13 and July 16.
Those attacks included two vishing attacks, 14 impersonated USAA bank to harvest financial data and the remaining 105 emails attempted to redirect users to a spoofed Microsoft site that attempted to steal credentials.
The attacks leveraging Chipotle's breached Mailgun account are similar to Nobelium's attack on email marketing service in May 2021.
45 percent of all phishing attacks in 2020 were aimed at swiping Microsoft credentials, according to a report released early this year by Cofense.
Microsoft continues to be a prime target for phishing attacks because the credentials are highly valuable, Inky explained.
News URL
https://threatpost.com/chipotle-serves-up-lures/168279/
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Beware: PayPal "New Address" feature abused to send phishing emails (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Coinbase phishing email tricks users with fake wallet migration (source)
- Why it's time for phishing prevention to move beyond email (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)