A series of phishing campaigns are allegedly targeting public cloud users, according to researchers from cybersecurity firm Greathorn. The campaigns aim to compromise Microsoft Office 365 and Gmail accounts by leveraging intriguing headlines pertaining to current events. The phishing emails contain malicious links that, when opened, lead victims to a fraudulent login page that harvests credentials.
Great horn researchers claim that the emails use open redirectors and CAPTCHA images to convince victims of their authenticity, however, the pages install loaders onto the victim’s device. Security researchers stated that the campaign is largely targeting the hospitality industry. Another recent connected campaign is using President Donald Trump’s COVID-19 diagnosis to attract victims to click on links that open them up to ransomware attacks.
Read More: Massive New Phishing Campaigns Target Microsoft, Google Cloud Users