Phishing Campaign Features Fake Office 365 Update

Healthcare Info Security

Akshaya Asokan

A targeted phishing campaign is using a fake Microsoft Office 365 update to steal email credentials from business executives, and the credentials are then being offered for sale in underground forums, security firm Trend Micro reports.

The ongoing campaign, which began in May 2020, is using a compromised virtual private network and URLs to send phishing emails, the report notes.

"The attackers reuse compromised hosts for the phishing pages targeting organizations in the manufacturing, real estate, finance, government and technological industries in several countries, such as Japan, the United States, U.K., Canada, Australia and Europe," the researchers note.

The phishing campaign is estimated to have compromised...

Get the Morning Update

Thanks for subscribing!