Phishers Target Microsoft & Google Public Cloud Users

Uploaded on 2020-10-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

A series of massive phishing campaigns are targeting public cloud users and the hackers are primarily looking for accounts on Microsoft's Office 365 and Google's Gmail platforms. 

Attacks are aimed at stealing corporate Microsoft Office 365  usernames and passwords is targeting a wide range of organisations and is trying to use CAPTCHA imagess (an automated challenge-response test) as a technique to lull victims into a fall sense of security.

Analysts at GreatHorn Threat Intelligence point to a phishing operation that is taking victims to fraudulent Office 365 login pages where credentials are stolen and loaders installed. 

GreatHorn has discovered these massive cyber attack propagating via open redirector domains and subsidiary domains belonging to multiple global brands, spreading through tens of thousands of mailboxes and targeting business users across industries, geographies, and companies. These attacks attempt to steal corporate email credentials, coupled with malicious JavaScript that deploys various Trojans and malware on any user who visits these pages, regardless of whether they submit their credentials or not. 

GreatHorn has also identified that senior executives and finance personnel are being targeted within the phishing campaigns. 

The similarity across the campaigns leads GreatHorn Threat Intelligence to believe it is a singular entity behind the attacks.The attackers appear to be attempting to evade detection by spoofing well-known applications, including Microsoft Office, Zoom, Microsoft Teams, and more. Also analysts at the cloud security specialist at Menlo Security say a campaign is using multiple CAPTCHA images to convince victims, primarily in the hospitality industry, to give up their credentials and personal information.

For organisations who are using role-based email security, users within these roles can be placed on more restrictive policies to minimise the risk associated with these attacks. Industries targeted by the attacks include finance, technology, manufacturing, government, pharmaceuticals, oil and gas, hospitality and more.

To protect against this and other phishing attacks, users should be wary of opening any links or attachments in emails that come from an unknown source - always check the source first before opening the email.

GreatHorn:          Dark Reading:         ZDNet:         KKHackLabs

You Might Also Read:

Cyber Security Teams Worry Most About Phishing & Ransomware:

 

« Voter Data Being Used To Disrupt US Election
Facebook & Google Will Be Regulated »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Associates (CSA)

Cyber Security Associates (CSA)

Cyber Security Associates provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat.

Conceptivity +360 Cybersecurity

Conceptivity +360 Cybersecurity

Conceptivity +360 Security addresses advanced cybersecurity and supply chain security issues in policy, regulatory, legislation, standardisation, compliance and project management areas.

Exostar

Exostar

Exostar is the cloud platform of choice for secure enterprise and supply chain collaboration solutions and identity and access management expertise.

NITA Uganda (NITA-U)

NITA Uganda (NITA-U)

NITA-U has put in place the Information security framework to provide Uganda with the necessary process, policies, standards and guideline to help in Information Assurance.

Monegasque Digital Security Agency (AMSN)

Monegasque Digital Security Agency (AMSN)

AMSN is the national authority in charge of the security of information systems in Monaco.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

Dcode

Dcode

Dcode connects the tech industry and government to drive commercial innovation in the federal market.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

McDonald Hopkins

McDonald Hopkins

McDonald Hopkins is a business advisory and advocacy law firm. We focus on insightful legal solutions that help our clients strategically plan for an increasingly competitive future.

Bright Data

Bright Data

Bright Data Inc is the world’s #1 web data platform, enabling organizations to research, monitor, analyze data, and make better decisions.

AVANT Communications

AVANT Communications

AVANT is a premier distributor of next generation technologies with the resources and relationships needed to successfully navigate the ever-changing world of communications and IT infrastructure.

Camelot Secure

Camelot Secure

Camelot Secure Secure360 platform is a holistic redefinition of what world-class cybersecurity strategies can be. Prepare. Protect. Deploy.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.

Resmo

Resmo

Resmo is an all in one platform for SaaS app and access management for modern IT teams.

Hunt & Hackett

Hunt & Hackett

Hunt & Hackett helps European companies prevent, detect and respond to today’s most advanced adversaries, safeguarding them against cyberthreats and espionage.