Snapchat, Amex sites abused in Microsoft 365 phishing attacks

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials.
Open redirects are web app weaknesses that allow threat actors to use the domains of trusted organizations and websites as temporary landing pages to simplify phishing attacks.
They're used in attacks to redirect targets to malicious sites that will either infect them with malware or trick them into handing over sensitive information.
According to Inky researchers, the Snapchat open redirect was used in 6,812 phishing emails sent from hijacked Google Workspace and Microsoft 365 accounts over two and a half months.
While the Snapchat vulnerability was reported to the company through the Open Bug Bounty platform one year ago, on August 4, 2021, the open redirect is yet to be patched.
The Amex open redirect was used in 2,029 phishing emails using Microsoft Office 365 baits, sent from recently registered domains and designed to funnel potential victims to Microsoft credential harvesting sites.
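
A defensive check for the open-redirect pattern described above, as an added example (not code from the article or from Inky): it flags links whose query parameters carry a URL on an unrelated host, which is the shape an open-redirect link takes in a phishing email. The domains are constructed placeholders, and the same-site test and function names are simplifying assumptions.

```python
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample links (placeholder domains, not taken from the article).
SAMPLES = [
    "https://trusted.example/redirect?url=https%3A%2F%2Flogin.phish.example%2Fo365",
    "https://trusted.example/out?next=https%253A%252F%252Fevil.example%252F",
    "https://trusted.example/r?u=//evil.example/x",
    "https://trusted.example/login?return=https://accounts.trusted.example/home",
    "https://trusted.example/login?return=/dashboard",
]

def _host(url):
    """Hostname of an absolute or scheme-relative http(s) URL, else None."""
    if url.startswith("//"):
        url = "https:" + url
    try:
        parts = urlsplit(url)
    except ValueError:
        return None
    if parts.scheme.lower() not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.lower()

def _same_site(a, b):
    """Simplified test (assumption): equal hosts or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def redirect_targets(link, max_decode=3):
    """Return (parameter, host) pairs where a query parameter of `link`
    carries a URL on a host unrelated to the link's own host."""
    outer = _host(link)
    if outer is None:
        return []
    hits = []
    for name, value in parse_qsl(urlsplit(link).query, keep_blank_values=True):
        # parse_qsl has decoded once; peel further layers of percent-encoding.
        for _ in range(max_decode):
            inner = _host(value.strip())
            if inner and not _same_site(inner, outer):
                hits.append((name, inner))
                break
            decoded = unquote(value)
            if decoded == value:
                break
            value = decoded
    return hits

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", redirect_targets(link) or "no cross-site target")
```

A hit is a triage signal rather than a verdict: legitimate services also pass cross-site URLs in parameters, so pair it with sender reputation and the age of the target domain.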