Microsoft Office 365 Attacks Sparked from Google Firebase
According to researchers at Amorblox, a new phishing campaign is able to evade Microsoft security defenses seeking to steal Office365 credentials. Security researchers at Amorblox discovered the campaign when they noticed invoice themed emails sent to at least 20,000 inboxes. The emails ask recipients to share information about an electronic funds transfer payment. The emails contain a basic headline such as “transfer of payment notice for invoice” and contain a link to download the fake invoice.
The attachment brings victims to a phishing page that impersonates a Microsoft Office login screen. The phishing page is hosted on Google Firebase and will harvest all login information, secondary email addresses, and phone numbers. Although the attackers could likely use this information to take over accounts and steal more valuable information, they could also use them to purport more phishing attempts to family members, partners, and customers.