Security News > 2024 > February > Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers since spinning it up in November.

In addition to the hundreds of ATOs, "Dozens" of Azure environments were also compromised, Proofpoint said.

While the phishing campaign remains ongoing, the researcher advised users to remain wary of all unexpected emails and exercise extreme caution when opening links - the usual stuff.

The sample phishing emails seen by researchers are said to be individualized to their target, directing them to what appears to be a shared document but the link instead redirects to a malicious phishing page.

Jet engine dealer to major airlines discloses 'unauthorized activity' Europe's largest caravan club admits wide array of personal data potentially accessed Ivanti discloses fifth vulnerability, doesn't credit researchers who found it Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim.

Looking at the campaign's infrastructure, the attackers use proxy services set up close to their targets to evade geofencing policies and also local fixed-line internet service providers.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/02/13/exec_accounts_phishing_campaign/