Security News > 2021 > October > Phishing attack exploits Craigslist and Microsoft OneDrive
That's true of a new phishing campaign that uses both Craigslist and OneDrive to trick people into installing malware.
Clicking on a button in the email was supposed to take people to a form document that had been uploaded to an actual Microsoft OneDrive site.
The phishing messages themselves came from a Craigslist domain and an authentic Craigslist IP address.
Since Craigslist didn't intend to send these emails, Inky believes the site may have been compromised, especially since the users were specifically targeted.
Further, the attackers used a legitimate Microsoft OneDrive site, impersonated DocuSign to give the operation an air of authenticity and flashed Norton and Microsoft logos to lend additional credibility to the message and the resulting form.
In the campaign described by Inky, it makes no sense that a Craigslist problem would be resolved through a document uploaded to OneDrive.
News URL
Related news
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- Exploit released for Fortinet RCE bug used in attacks, patch now (source)
- New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S. (source)
- Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks (source)
- New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)