Security News > 2024 > February > Ongoing Microsoft Azure account hijacking campaign targets executives
A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.
The attacks employ documents sent to targets that embed links masqueraded as "View document" buttons that take victims to phishing pages.
"The affected user base encompasses a wide spectrum of positions, with frequent targets including Sales Directors, Account Managers, and Finance Managers. Individuals holding executive positions such as"Vice President, Operations", "Chief Financial Officer & Treasurer" and "President & CEO" were also among those targeted," explains Proofpoint.
Proxies are selected to be near the targets to reduce the likelihood of attacks being blocked by MFA or other geo-fencing policies.
Proofpoint proposes several defense measures to protect against the ongoing campaign, which can help enhance organizational security within Microsoft Azure and Office 365 environments.
Criminal IP ASM: A new cybersecurity listing on Microsoft Azure.