1 min read

Microsoft 365 Spoofing Campaign Targets CEOs and Decision Makers, Research Finds

Silviu STAHIE

March 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Microsoft 365 Spoofing Campaign Targets CEOs and Decision Makers, Research Finds

Security researchers have identified a new Microsoft 365 spoofing campaign that targets specific people in companies, trying to compromise peoples’ accounts such as C-suite executives and other essential positions from the retail, insurance and financial services industries.

Sweeping spoofingcampaigns are an almost everyday occurrence, as companies have to deal with this threat constantly. But there’s a subgroup of this threat that’s better well-aimed and thought out to have maximum impact by targeting executives in companies, giving attacks increase leverage and access.

The new Microsoft Office 365 credential harvesting campaign targeted various C-suite executives and other decision-makers in companies, but with a twist. Criminals looked for people just settling in and hit them during the transition period, relying on the target’s limited knowledge in a new company.

“A large majority of the phishing attacks stopped by Area 1 Security were headed to financial controllers and treasurers at various international companies,” said the researchers. “By targeting the financial departments of these companies, the attackers could potentially gain access to sensitive data of third parties through invoices and billing, commonly referred to as a BEC (Business Email Compromise) attack.”

“This enables the attackers to send forged invoices from legitimate email addresses to suppliers, resulting in payments being made to attacker-owned accounts,” they explained.

The campaign itself used many techniques, depending on the stage or the target, including the deployment of advanced phishing kits, domains that looked very much like the real ones, and much more.

The phishing emails contained various mixed messages such as purported security updates, documents that “need” reviewing, updated policies, and so on.

Security researchers published a complete list of indicators of compromise that should allow companies to stop these attempts before they even reach recipients.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read