Phishing Attacks Scrape Branded Microsoft 365 Login Pages

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,005
An unusual new phishing campaign is probing email inboxes via attacks using the targets' company-branded Microsoft 365 tenant login pages to add more legitimacy to the scam.

The attackers are also using Microsoft's Azure Blob Storage and Microsoft Azure Web Sites cloud storage solutions to host their phishing landing pages, a common tactic used by phishers to trick their targets into thinking that they're seeing an official Microsoft login page.

"[The campaign] utilizes a novel method of scraping organizations’ branded Microsoft 365 tenant login pages to produce highly convincing credential harvesting pages," detail researchers part of Rapid7’s Managed Detection and Response (MDR) services team.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top