Hackers Use VPN Impersonation in Phishing Emails to Steal Office 365 Credentials
A phishing attack is using VPN impersonation to trick people into revealing their Microsoft Office 365 credentials.
With so many people working from home, VPN use has increased considerably. Most companies rely on this sort of technology to let employees connect to the corporate infrastructure safely, so it stands to reason that bad actors would seek to use it as an attack vector.
Microsoft Office 365 credentials are highly valued on the dark web because, in the right circumstances, they can give attackers a way into a company’s network that doesn’t require too much effort. Defense systems would have a hard time identifying a hacker who’s using legitimate credentials.
“The attack impersonates a notification email from the IT support at the recipients’ company,” reads the advisory from Abnormal Security.
“The sender email address is spoofed to impersonate the domain of the targets’ respective organizations. The link provided in the email allegedly directs to a new VPN configuration for home access. Though the link appears to be related to the target’s company, the hyperlink actually directs to an Office 365 credential phishing website,” the advisory continues.
While the attack seems to originate from numerous IPs and different senders, the payload in each email was identical, which means they’re all part of the same campaign.
According to the researchers, the landing page of the phishing attack, displayed if the victim believed the message, was hosted on a Microsoft .NET platform, and it’s identical to the Office 365 login website. Since it’s hosted on a Microsoft platform, the certificate is also legit.
As usual, people should not open emails from unknown senders, and they should be wary of any messages requesting changes of passwords, confirmation of credentials, or anything else that might lead to a leak of secure login credentials.
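The two signals the advisory describes, a sender address that spoofs the recipient's own domain and link text that names the company while the hyperlink points elsewhere, can be checked at the mail gateway. The following is an added example, not code from Abnormal Security or Bitdefender; it assumes the gateway stamps a trustworthy Authentication-Results header, and `check_message`, `AnchorCollector`, `in_domain` and the example.com / example.net sample are hypothetical.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

class AnchorCollector(HTMLParser):
    """Collect (link host, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            host = urlparse(self._href).hostname
            self.links.append((host, "".join(self._text).strip()))
            self._href = None

def in_domain(host, domain):
    # True for the domain itself and its subdomains, not for look-alike suffixes.
    return ("." + (host or "").lower()).endswith("." + domain)

def check_message(raw, org_domain):
    """Return findings for one raw message received by org_domain."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    sender = parseaddr(str(msg.get("From", "")))[1]
    auth = str(msg.get("Authentication-Results", "")).lower()
    # Sender claims our own domain but the gateway did not record dmarc=pass.
    if in_domain(sender.rpartition("@")[2], org_domain) and "dmarc=pass" not in auth:
        findings.append("spoofed-internal-sender")
    body = msg.get_body(preferencelist=("html",))
    parser = AnchorCollector()
    parser.feed(body.get_content() if body else "")
    for host, text in parser.links:
        # Visible text names the organisation, but the link leaves it.
        if org_domain in text.lower() and not in_domain(host, org_domain):
            findings.append(f"link-mismatch:{host}")
    return findings

# Constructed sample message; example.com / example.net are placeholders.
SAMPLE = """\
From: IT Support <it-support@example.com>
Authentication-Results: mx.example.com; spf=fail; dmarc=fail
Content-Type: text/html; charset="utf-8"

<a href="https://portal.example.net/login">https://vpn.example.com/config</a>
"""
```

Authentication-Results headers that arrive from outside should be stripped before the gateway adds its own, otherwise the `dmarc=pass` check can be satisfied by a header the sender supplied.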