Phishing Campaign Uses Outlook Migration Message

Healthcare Info Security

Akshaya Asokan

An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security.

The phishing emails, which are designed to look as if they come from the IT department of the victims' organizations, say the recipient must update to the latest version of Microsoft Outlook, according to the report.

When victims click a link within the phishing email, they are directed to a malicious domain that shows an older version of the Outlook sign-up page that's designed to steal credentials, such as usernames and passwords, the researchers note.

"If the login page is filled out, the attacker will now have access to any platform that uses...

Get the Morning Update

© 2020 by HealthcareCISO.