Security News > 2022 > January > Phishers are targeting Office 365 users by exploiting Adobe Cloud

Phishers are targeting Office 365 users by exploiting Adobe Cloud
2022-01-13 14:22

Phishers are creating Adobe Creative Cloud accounts and using them to send phishing emails capable of thwarting traditional checks and some advanced threat protection solutions, Avanan security researcher Jeremy Fuchs warns.

This new wave of attacks started in December 2021, and they are exploiting the fact that Adobe's apps are designed to foster collaboration by sharing documents.

The attack is simple, really: the phishers create/import and host on Adobe Cloud an official-looking PDF pointing to a classic credential harvesting page hosted outside the Adobe suite.

Then they share the document with the victims, who get a legitimate email from Adobe, saying that a document has been shared with them.

The attackers are taking advantage of the trust that email security solutions place in Adobe, Fuchs noted.

While users whose first language isn't English might not notice that, everybody should definitely find suspicious the fact that the fake Office 365-themed login page is hosted on Weebly.


News URL

https://www.helpnetsecurity.com/2022/01/13/phishers-adobe-cloud/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 112 77 1333 1988 640 4038