Microsoft Tracks Widespread Credential Phishing Campaign

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
8,963
Content source
https://www.darkreading.com/attacks-breaches/microsoft-tracks-widespread-credential-phishing-campaign
Microsoft has been tracking a widespread credential phishing campaign using open redirector links combined with social engineering lures that spoof known productivity tools to trick users. Attackers also use a CAPTCHA verification page to add a sense of legitimacy to the campaign. [...]
Click to expand...
"The use of open redirects in email communications is common among organizations for various reasons," the Microsoft 365 Defender Threat Intelligence Team wrote in a blog post. Sales and marketing campaigns use this to bring customers to desired landing pages and track click rates and other metrics.
"However, attackers could abuse open redirects to link to a URL in a trusted domain and embed the eventual final malicious URL as a parameter," officials continue. "Such abuse may prevent users and security solutions from quickly recognizing possible malicious intent."
Click to expand...
www.darkreading.com

Microsoft Tracks Widespread Credential Phishing Campaign

The campaign abuses open redirector links and includes a CAPTCHA verification page to add a sense of legitimacy to the attack.
www.darkreading.com www.darkreading.com
 
  • Like
  • +Reputation
Reactions: Vasudev, Correlate, oldschool and 6 others
You must log in or register to reply here.

Similar threads

upnorth
    • Wow
    • Like
Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials
Replies
0
Views
385
News Archive
upnorth
upnorth
Gandalf_The_Grey
    • Wow
    • Sad
    • Like
Death of Queen Elizabeth II exploited to steal Microsoft credentials
Replies
0
Views
364
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Web browser app mode can be abused to make desktop phishing pages
Replies
0
Views
290
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top