CyberNews Briefs

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

A new phishing attack targeted Microsoft users has emerged, according to researchers. The phishing campaign seeks to steal Office 365 credentials via leveraging a fraudulent Google reCAPTCHA system. The operation appears to be sophisticated due to the reCAPTCHA ploy and top-level domain landing pages featuring logos of the victim’s companies.

Researchers have discovered at least 2,500 emails associated with this campaign sent to senior-level employees largely in the banking and IT sector. The campaign seemingly began around three months ago and has been unsuccessful up to this point. Once victims click on the malicious link and complete the Google reCAPTCHA, they are redirected to a phishing landing page that prompts them to enter their Office 365 credentials.

Read More: Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.