Phishers Target Microsoft & Google Public Cloud Users

Uploaded on 2020-10-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

A series of massive phishing campaigns are targeting public cloud users and the hackers are primarily looking for accounts on Microsoft's Office 365 and Google's Gmail platforms. 

Attacks are aimed at stealing corporate Microsoft Office 365  usernames and passwords is targeting a wide range of organisations and is trying to use CAPTCHA imagess (an automated challenge-response test) as a technique to lull victims into a fall sense of security.

Analysts at GreatHorn Threat Intelligence point to a phishing operation that is taking victims to fraudulent Office 365 login pages where credentials are stolen and loaders installed. 

GreatHorn has discovered these massive cyber attack propagating via open redirector domains and subsidiary domains belonging to multiple global brands, spreading through tens of thousands of mailboxes and targeting business users across industries, geographies, and companies. These attacks attempt to steal corporate email credentials, coupled with malicious JavaScript that deploys various Trojans and malware on any user who visits these pages, regardless of whether they submit their credentials or not. 

GreatHorn has also identified that senior executives and finance personnel are being targeted within the phishing campaigns. 

The similarity across the campaigns leads GreatHorn Threat Intelligence to believe it is a singular entity behind the attacks.The attackers appear to be attempting to evade detection by spoofing well-known applications, including Microsoft Office, Zoom, Microsoft Teams, and more. Also analysts at the cloud security specialist at Menlo Security say a campaign is using multiple CAPTCHA images to convince victims, primarily in the hospitality industry, to give up their credentials and personal information.

For organisations who are using role-based email security, users within these roles can be placed on more restrictive policies to minimise the risk associated with these attacks. Industries targeted by the attacks include finance, technology, manufacturing, government, pharmaceuticals, oil and gas, hospitality and more.

To protect against this and other phishing attacks, users should be wary of opening any links or attachments in emails that come from an unknown source - always check the source first before opening the email.

GreatHorn:          Dark Reading:         ZDNet:         KKHackLabs

You Might Also Read:

Cyber Security Teams Worry Most About Phishing & Ransomware:

 

« Voter Data Being Used To Disrupt US Election
Facebook & Google Will Be Regulated »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Exploit Database (EDB)

Exploit Database (EDB)

The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers.

IEEE Computer Society

IEEE Computer Society

The IEEE Computer Society is the world's leading membership organization dedicated to computer science and technology.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

Rafael

Rafael

Rafael has more than 15 years of proven experience in the cyber arena providing solutions for national security as well as commercial applications.

Red Snapper Recruitment

Red Snapper Recruitment

Red Snapper Recruitment is a market leading staffing services provider to the law enforcement, cyber security, offender supervision and regulatory services markets.

aDolus Technology

aDolus Technology

aDolus delivers a robust solution for safeguarding against counterfeit or malicious software and firmware in mission-critical systems.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

ThreatReady Resources

ThreatReady Resources

ThreatReady reduces an organization’s risk by delivering cyber security awareness training based on the latest, state-of-the-art learning science to effectively drive long-term cyber-safe behavior.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.

SentryMark

SentryMark

Stay a Step Ahead of Emerging Threats. Deviate from the traditional siloed defenses and get the proactive and responsive cybersecurity solutions and services you deserve with SentryMark today.