BEC Phishing Campaigns Bypass MFA, Target Office 365 Executive Accounts
Entities should be on the alert for an increase in two business email compromise campaigns. One report found an increase in BEC phishing campaigns targeting the Microsoft Office 365 accounts of executives, while the other reported a spike in phishing campaigns bypassing multi-factor authentication and conditional access.
The first report from Trend Micro sheds light on a phishing campaign launched by hackers called Water Nue, which uses spear-phishing attempts on Office 365 accounts to target executives. Researchers found more than 1,000 companies around the world have already been targeted since March 2020.
The most recent campaigns focus on...