Microsoft Warns of Crafty Phishing Campaign

  /     /     /  
Publicated : 23/11/2024   Category : security

Microsoft Warns of Crafty Phishing Campaign


The active campaign uses legitimate-looking original sender addresses and spoofed display sender addresses, along with other tactics, to bypass email filters.


Microsoft has warned of an active phishing campaign targeting Office 365 users with a crafty combination of techniques aimed at bypassing email filters.
The attack uses legitimate-looking original sender email addresses, spoofed display sender addresses that contain target usernames and domains, and display names that mimic legitimate services to slip past defenses, Microsoft Security Intelligence wrote in a Twitter thread.
Emails original sender addresses have variations of the word referral and use different top-level domains, officials note. The emails themselves have a SharePoint lure in both the display name and email message, which is disguised as a file share request for Staff Reports, Bonuses, Pricebooks, or other documents, with a link that redirects victims to the phishing page.
The malicious emails have two URLs with malformed HTTP headers. One, the primary phishing URL, is a Google storage resource that redirects the victim to an AppSpot domain, which requires them to log in before presenting them with another Google User Content domain that has an Office 365 phishing page. A second URL, located in the notification settings, redirects to a compromised SharePoint site, which Microsoft says adds legitimacy to this campaign.
Both URLs require sign-in to continue to the final page, bypassing many sandboxes, officials write.
Read Microsoft Security Intelligences
full thread
for more details.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Microsoft Warns of Crafty Phishing Campaign