CyberNews Briefs

Proofpoint Phish Harvests Microsoft O365, Google Logins

A new campaign impersonating Proofpoint has successfully avoided Microsoft email security. The campaign consists of phishers attempting to fool targets into believing the email comes from Proofpoint, a well-known cybersecurity company, in an attempt to steal Microsoft Office 365 and Google email credentials. According to researchers at Armorblox, one such campaign targeted a global communications company and nearly one thousand of the organization’s employees were targeted. Some of the phishing emails claim to have sent a secure file via Proofpoint as a link. However, clicking the link takes victims to a splash page with spoofed Proofpoint branding containing login links for different email providers.

The campaign has also included dedicated login page spoofs for Microsoft and Google. The email lure was a file purportedly linked to mortgage payments and included the subject line “Re: Payoff Request,” encouraging targets to think that the message was part of the ongoing correspondence. Adding ‘Re’ to the subject line is not a new tactic, but it can prompt a sense of urgency and make it more likely that the target will open the link and follow the email’s instructions.

Read More: Proofpoint Phish Harvests Microsoft O365, Google Logins

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.