Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Cyber Fraud Phishing Attack Spoofs Zoom to Steal Microsoft User Credentials
Cyber Fraud Fraud phishing Safety Scam Security

Phishing Attack Spoofs Zoom to Steal Microsoft User Credentials

Targeting more than 21,000 users, the phishing email managed to bypass Microsoft Exchange email security, says Armorblox.
Saturday, October 08, 2022

 

Phishing attacks work by imitating a well-known or trusted brand, product, or company, with the aim of duping recipients into disclosing sensitive account information. That was the case in a recent phishing campaign investigated by security firm Armorblox, in which the attacker impersonated Zoom in an attempt to compromise Microsoft user credentials. 

The phishing email, which was sent to over 21,000 users at a national healthcare company, had the subject line "For [name of recipient] on Today, 2022," with each user's actual name listed as the recipient. The email, which displayed the Zoom name and logo, stated that the person had two messages awaiting their response. The recipient had to click on the main link to read the alleged messages.

The main button would have directed users to a bogus landing page impersonating a Microsoft login page. The victims were directed at the site to enter their Microsoft account password in order to verify their identity before they could obtain the messages. To further silence them into a false sense of security, the landing page pre-populated the username field with the person's actual email address. Any Microsoft passwords entered on the page would, of course, be captured by the attackers.

The initial phishing email, sent from a valid domain, bypassed Microsoft Exchange email security controls because it passed the usual email authentication checks, such as DomainKeys Identified Mail, Sender Policy Framework, and Domain-based Message Authentication Reporting and Conformance. Instead, the emails were barred from being sent from reaching user inboxes by Armorblox security.

How to Protect Your Company from Phishing

Armorblox makes the following recommendations to help you protect your organisation and employees from these types of phishing attackers:

The email described in the report evaded Microsoft security measures, indicating that you should supplement your native email security with stronger and more layered tools. Consult Gartner's Market Guide for Email Security and Armorblox's 2022 Email Security Threat Report to find the right product.

Users are advised to:
  • Be wary of social engineering ploys.
  • Adopt proper password hygiene
  • Use multi-factor authentication
Tags: Cyber Fraud Fraud phishing Safety Scam Security
Share it:

Cyber Fraud

Fraud

phishing

Safety

Scam

Security