1 min read

Hackers Use VPN Impersonation in Phishing Emails to Steal Office 365 Credentials

Silviu STAHIE

June 05, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hackers Use VPN Impersonation in Phishing Emails to Steal Office 365 Credentials

A phishing attack is using VPN impersonation to trick people into revealing their Microsoft Office 365 credentials.

With so many people working from home, VPN use has increased considerably. Most companies rely on this sort of technology to let employees connect to the corporate infrastructure safely, so it stands to reason that bad actors would seek to use it as an attack vector.

Microsoft Office 365 credentials are highly valued on the dark web because, in the right circumstances, they can give attackers a way into a company”s network that doesn”t require too much effort. Defense systems would have a hard time identifying a hacker who”s using legitimated credentials.

“The attack impersonates a notification email from the IT support at the recipients” company,” reads the advisory from the Abnormal Security.

“The sender email address is spoofed to impersonate the domain of the targets” respective organizations. The link provided in the email allegedly directs to a new VPN configuration for home access. Though the link appears to be related to the target”s company, the hyperlink actually directs to an Office 365 credential phishing website,” the advisory continues.

While the attack seems to originate from numerous IPs and different senders, the payload in each email was identical, which means they”re all part of the same campaign.

According to the researchers, the landing page of the phishing attack was displayed if the victim believed the message was hosted on Microsoft .NET platform, and it”s identical to the Office 365 login website. Since it”s hosted on a Microsoft platform, the certificate is also legit.

As usual, people should not open emails from unknown senders, and they should be wary of any messages requesting changes of passwords, confirmation of credentials, or anything else that might lead to a leak of secure login credentials.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet
Silviu STAHIE

February 08, 2023

2 min read
Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns
Silviu STAHIE

February 06, 2023

1 min read
U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read