1 min read

Fake Outlook Credential Upgrade Campaign Phishes for Employee Credentials

Silviu STAHIE

July 09, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Fake Outlook Credential Upgrade Campaign Phishes for Employee Credentials

Bad actors are using a message disguised as an official notification from the Outlook team to trick people into entering their credentials into a phishing website, leaking them in the process and exposing the company they work for.

Phishing is one of the most common methods to obtain legitimate credentials, letting attackers compromise systems with ease. Most of the time, data collected from such phishing campaigns ends up for sale on the dark web.

Since Office 356 and adjacent products are widespread in organizations and companies, bad actors try to trick people into sharing their credentials with third parties. The same credentials can be used across an organization’s entire infrastructure, not just for emails and other office work.

“The attacker impersonates an automated notification from the Outlook team on behalf of the recipient’s company,” reads the advisory from Abnormal Security. “Recipients are urged to ‘upgrade’ their Outlook services within 24 hours, or email deliveries to them will be delayed.”

If the user clicks on the link, a fake Outlook login page opens (hosted on GoDaddy). After the user enters the credentials, a popup informs the user that the upgrade will be completed in the next 48 hours. In that time, the account is exposed completely.

The one thing that distinguished this attack is that the text of the email is somewhat ambiguous, as it’s unclear where it comes from; it could be either the Outlook team or the IT department.

It goes without saying that people should not open emails from unknown sources, but sometimes the emails might look legitimate. Users should always be wary of emails that instruct them to use their credentials. If you’re not sure if an email is legitimate, contact the IT department. A good policy is to assume that emails of this type are a phishing attempt.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read