Security News > 2022 > June > Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. has identified a spike in phishing content delivered via Azure Front Door, a cloud CDN service provided by Microsoft.
According to experts, such tactics confirm how the bad actors are continuously looking to enhance their tactics and procedures to avoid phishing detection using world-known cloud services.
Based on the analyzed phishing templates, the attackers are likely using an automated way to generate their phishing letters, by doing so they're able to scale their campaigns to ultimately target a broader number of customers globally.
In one of the phishing episodes, the threat actors impersonated the large business conglomerate Al-Futtaim Group from UAE which was founded in 1930 with over 44,000 employees.
Similar campaigns have been identified by the MalwareHunterTeam in November 2021, when Azure Front Door Service was used to host phishing content targeting academia and the UK Government employees.
According to experts such tactics could be leveraged by both sophisticated threat actors and APT groups, as well as cybercriminals to avoid being detected conducting phishing, business e-mail compromise, and Email Account Compromise campaigns.
News URL
https://www.helpnetsecurity.com/2022/06/27/azure-front-door-phishing-attacks/
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- HubSpot phishing targets 20,000 Microsoft Azure accounts (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)