Unusual Phishing Campaign Extracted Office 365 Credentials

Healthcare Info Security

Theo Nassiokas

Security researchers at Armorblox uncovered an unusual invoice-themed phishing attack designed to extract victims' Microsoft Office 365 login credentials, alternate email addresses and phone numbers.

The campaign, which recently ended, struck about 20,000 accounts, Armorblox researchers estimate. The emails were branded with a Microsoft Outlook logo, had the subject line "Transfer of Payment Notice for Invoice" and purported to offer information about an electronic fund payment. The message presented a malicious HTML link as a way to view the invoice, according to the report, which was released Thursday.

"This email attack bypassed native Microsoft email security controls. Microsoft assigned a...

© 2020 by HealthcareCISO.