silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,165
Phishers are impersonating Proofpoint, the cybersecurity firm, in an attempt to make off with victims’ Microsoft Office 365 and Google email credentials.
According to researchers at Armorblox, they spotted one such campaign lobbed at an unnamed global communications company, with nearly a thousand employees targeted just within that one organization.
“The email claimed to contain a secure file sent via Proofpoint as a link,” they explained in a posting on Thursday. “Clicking the link took victims to a splash page that spoofed Proofpoint branding and contained login links for different email providers. The attack included dedicated login page spoofs for Microsoft and Google.”
Proofpoint Phish Harvests Microsoft O365, Google Logins
A savvy campaign impersonating the cybersecurity company skated past Microsoft email security.
threatpost.com