Security News > 2022 > June > Cybercriminals use Azure Front Door in phishing attacks

Resecurity, Inc. has identified a spike in phishing content delivered via Azure Front Door, a cloud CDN service provided by Microsoft.

According to experts, such tactics confirm how the bad actors are continuously looking to enhance their tactics and procedures to avoid phishing detection using world-known cloud services.

Based on the analyzed phishing templates, the attackers are likely using an automated way to generate their phishing letters, by doing so they're able to scale their campaigns to ultimately target a broader number of customers globally.

In one of the phishing episodes, the threat actors impersonated the large business conglomerate Al-Futtaim Group from UAE which was founded in 1930 with over 44,000 employees.

Similar campaigns have been identified by the MalwareHunterTeam in November 2021, when Azure Front Door Service was used to host phishing content targeting academia and the UK Government employees.

According to experts such tactics could be leveraged by both sophisticated threat actors and APT groups, as well as cybercriminals to avoid being detected conducting phishing, business e-mail compromise, and Email Account Compromise campaigns.

News URL

https://www.helpnetsecurity.com/2022/06/27/azure-front-door-phishing-attacks/