Phishing attack exploits Craigslist and Microsoft OneDrive (Security News, October 2021)
A new phishing campaign uses both Craigslist and OneDrive to trick people into installing malware.
Clicking on a button in the email was supposed to take people to a form document that had been uploaded to an actual Microsoft OneDrive site.
The phishing messages themselves came from a Craigslist domain and an authentic Craigslist IP address.
Since Craigslist didn't intend to send these emails, Inky believes the site may have been compromised, especially since the users were specifically targeted.
Further, the attackers used a legitimate Microsoft OneDrive site, impersonated DocuSign to give the operation an air of authenticity and flashed Norton and Microsoft logos to lend additional credibility to the message and the resulting form.
In the campaign described by Inky, it makes no sense that a Craigslist problem would be resolved through a document uploaded to OneDrive.