Microsoft Sway Abused in Office 365 Phishing Attack
According to an analysis released by Group-IB on Thursday, a threat actor group called PerSwaysion has attacked Microsoft services, compromising at least 150 executives in a targeted phishing campaign. The attacks were effective in gathering the Office 365 credentials of the executives since mid-2019. The campaign’s success was attributed to the fact that it leverages different Microsoft file-sharing services.
It also may be due in part to the fact that the campaign’s initial phishing emails were sent from legitimate but previously compromised email addresses, hiding the fact that they are now controlled by threat actors. According to researchers, multiple different threat groups collaborated on the PerSwaysion campaign. Group IB stated that the campaign is a new example of highly specialized phishing threat actors conducting effective attacks on a large scale.