Security News > 2022 > January > Office 365 phishing attack impersonates the US Department of Labor
A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365 credentials.
The phishing campaign has been ongoing for at least a couple of months and utilizes over ten different phishing sites impersonating the government agency.
In a new report by email security firm INKY, who shared the report with Bleeping Computer before publication, researchers illustrated how the phishing attack is used to steal credentials.
Those who bid for a project will be taken to a credential harvesting form that targets their Microsoft Office 365 email address and password.
We saw something similar in December 2021, with phishing actors impersonating Pfizer and using well-crafted PDF attachments to invite recipients to submit bids to the pharmaceutical company.
In this case, the most obvious sign of the scam would be the Department of Labor requiring anyone to log in with Office 365 credentials to view a document, something that isn't the case on any U.S. government website.
News URL
Related news
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- Iranian charged over attacks against US defense contractors, government agencies (source)
- Hackers target FCC, crypto firms in advanced Okta phishing attacks (source)
- Hackers steal Windows NTLM authentication hashes in phishing attacks (source)
- Flipper Zero WiFi phishing attack can unlock and steal Tesla cars (source)
- MiTM phishing attack can let attackers unlock and steal a Tesla (source)
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S. (source)
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)
- Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks (source)