Security News > 2021 > November > Office 365 Phishing Campaign Abuses Stolen Amazon SES Token

Office 365 Phishing Campaign Abuses Stolen Amazon SES Token
2021-11-02 00:29

A surge in spearphishing emails designed to steal Office 365 credentials were rigged to look like they came from a Kaspersky email address.

Office 365 credentials are a common target for phishing attacks.

It's hardly the first time the old "Fax alert" song and dance has been used: In December 2020, Office 365 credentials were likewise under attack by a campaign that used the same email con.

The Kaspersky phishing emails were sent from various supposed Kaspersky addresses, and they're coming from multiple websites, including Amazon Web Services infrastructure.

Analysis showed that the phishing campaigns are relying on a phishing kit that Kaspersky researchers have named "Iamtheboss," used in conjunction with another phishing kit known as "MIRCBOOT.".

BulletProofLink, a turnkey platform, provides phishing kits, email templates, hosting and other tools that let users customize campaigns and develop their own phishing ploys.


News URL

https://threatpost.com/office-365-phishing-campaign-kasperskys-amazon-ses-token/175915/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Amazon 60 4 39 62 15 120