Microsoft Warns of Phishing Attacks Using Custom 404 Pages

LASER_oneXM

Microsoft security researchers discovered an unusual phishing campaign which employs custom 404 error pages to trick potential victims into handing out their Microsoft credentials.
To do this, the attackers register a domain and instead of creating a single phishing landing page to redirect their victims to, they configure a custom 404 page which shows the fake login form.

This allows the phishers to have an infinite amount of phishing landing page URLs generated with the help of a single registered domain.
"The 404 Not Found page tells you that you’ve hit a broken or dead link – except when it doesn’t," says Microsoft's research team.

"Phishers are using malicious custom 404 pages to serve phishing sites. A phishing campaign targeting Microsoft uses such technique, giving phishers virtually unlimited phishing URLs."
 

upnorth

Phishers are already using Microsoft's Azure Blob Storage object storage solution [1, 2] to host phishing pages, at the same time taking advantage of the fact that they will automatically get signed with an SSL certificate from Microsoft. This makes Azure Blob Storage-based phishing the ideal method to directly target users of Microsoft services such as Office 365, Azure Active Directory, Outlook and a whole slew of other Microsoft logins.
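
A defender-side check for the custom 404 technique reported at the top of this thread, added here as an example that is not part of the original posts or of Microsoft's research: probe a host with random paths that were never published and see whether the "not found" responses carry a password form. The function names, labels and sample responses are constructed for illustration, and the "catch-all-login" label for non-404 responses goes beyond the case in the article.

```python
from html.parser import HTMLParser


class _FormScan(HTMLParser):
    """Notes whether a password input appears inside a <form>."""

    def __init__(self):
        super().__init__()
        self.in_form = False
        self.has_password_field = False

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            self.in_form = True
        elif tag == "input" and self.in_form:
            if (dict(attrs).get("type") or "").lower() == "password":
                self.has_password_field = True

    def handle_endtag(self, tag):
        if tag == "form":
            self.in_form = False


def has_credential_form(body):
    scan = _FormScan()
    scan.feed(body)
    return scan.has_password_field


def classify_host(probes):
    """probes: (path, status, body) tuples for random, never-published paths."""
    if len(probes) < 2:
        raise ValueError("need at least two random-path probes")
    if not all(has_credential_form(body) for _, _, body in probes):
        return "clean"
    if all(status == 404 for _, status, _ in probes):
        return "custom-404-login"   # the pattern described in the article
    return "catch-all-login"        # same form, non-404 status (added generalization)


# Constructed sample responses (not captured traffic).
LOGIN_404 = ('<html><body><form method="post"><input type="email" name="u">'
             '<input type="password" name="p"></form></body></html>')
PLAIN_404 = "<html><body><h1>404 Not Found</h1></body></html>"
SUSPECT = [("/x9f2k", 404, LOGIN_404), ("/q7/zz81.html", 404, LOGIN_404)]
BENIGN = [("/x9f2k", 404, PLAIN_404), ("/q7/zz81.html", 404, PLAIN_404)]

print(classify_host(SUSPECT), classify_host(BENIGN))
```

A legitimate site may also show a sign-in box on its error page, so a hit is a triage signal rather than a verdict.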
 
