Office 365 Phishing Campaign Abuses Stolen Amazon SES Token

2021-11-02 00:29

A surge in spearphishing emails designed to steal Office 365 credentials were rigged to look like they came from a Kaspersky email address.

Office 365 credentials are a common target for phishing attacks.

It's hardly the first time the old "Fax alert" song and dance has been used: In December 2020, Office 365 credentials were likewise under attack by a campaign that used the same email con.

The Kaspersky phishing emails were sent from various supposed Kaspersky addresses, and they're coming from multiple websites, including Amazon Web Services infrastructure.

Analysis showed that the phishing campaigns are relying on a phishing kit that Kaspersky researchers have named "Iamtheboss," used in conjunction with another phishing kit known as "MIRCBOOT.".

BulletProofLink, a turnkey platform, provides phishing kits, email templates, hosting and other tools that let users customize campaigns and develop their own phishing ploys.

News URL

https://threatpost.com/office-365-phishing-campaign-kasperskys-amazon-ses-token/175915/

#amazon #office #office365 #phishing #token

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Amazon		64	9	60	39	13	121

News URL

Related news

Related vendor