Microsoft 365 phishing attacks impersonate U.S. govt agencies
An ongoing phishing campaign targeting U.S. government contractors has expanded its operation to push higher-quality lures and better-crafted documents.
The lure in these phishing emails is a request for bids for lucrative government projects, taking recipients to phishing pages that are clones of legitimate federal agency portals.
There's now a plethora of different lures used in the messages, better phishing web page behavior, and removal of artifacts that revealed the signs of fraud in previous versions of the attached PDFs.
Polishing a high-quality campaign
Starting with the phishing emails, Cofense reports they now feature more consistent formatting, larger logos, and prefer to include a link to the PDF instead of attaching the file.
On the phishing page that tries to trick visitors into entering their Microsoft Office 365 account credentials, the threat actors have now added a CAPTCHA challenge step to ensure they're not logging bot inputs.
"Given the advancements seen in each area of the phishing chain, it is likely the threat actors behind these campaigns will continue to innovate and improve upon their already believable campaigns," predicts Cofense.