Phishing Campaign Targeting Office 365, Exploits Brand Names
A new sophisticated phishing campaign has been discovered, targeting Office 365 and utilizing recognized brand names to bypass security filters. The campaign aims to trick victims into handing over Microsoft Office 365 credentials to gain access to corporate networks.
Check Point Software published a report detailing the attacks, which largely targeted European companies with outliers in Asia and the Middle East. The campaign was discovered when emails were distributed to potential victims titled “Office 365 Voice Mail.” The emails stated that they must retrieve a voice message by logging into their Office 365 account, however, the link provided was actually a malicious phishing page rather than a legitimate Office 365 login portal.