Advertising

Advertising

adzooma on n digital service
Gator Website Builder

Advertising

Microsoft Outlook users, opening emails with these subject lines and domains can be dangerous

Advertising

Share This

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on reddit
Share on tumblr
Share on telegram
Share on whatsapp
Share on skype
Share on email

Translate This Post In Your Native Language


A new phishing campaign targeting users of Microsoft Outlook email service is being used on a wide scale, warned cybersecurity researchers at Zscaler ThreatLabz in a report. As per ThreatLabz, the main targets of this campaign are the corporate users of Microsoft’s email services.
According to the report, the new phishing kit uses an adversary-in-the-middle (AiTM) model, which could help evade detection by network security and email protection. The AiTM model may also allow the phishing attack to bypass multi-factor authentication protections.
These phishing attacks begin with emails with malicious links being sent to the targeted individuals. In some cases, the business emails of executives are compromised first and then used to target several individuals.
“Based on our cloud data telemetry, the majority of the targeted organizations were in the FinTech, Lending, Finance, Insurance, Accounting, Energy and Federal Credit Union industries. This is not an exhaustive list of industry verticals targeted. A majority of the targeted organizations were located in the United States, United Kingdom, New Zealand, and Australia.”, said the report.
The report also lays out some “interesting domain name patterns” which are as follows:
Legit Federal Credit Union domain name: crossvalleyfcu[.]org
Attacker-registered domain name: crossvalleyfcv[.]org
Legit Federal Credit Union domain name:triboro-fcu[.]org
Attacker-registered domain name: triboro-fcv[.]org
Legit Federal Credit Union domain name: cityfederalcu[.]com
Attacker-registered domain name: cityfederalcv[.]com
Legit Federal Credit Union domain name: portconnfcu[.]com
Attacker-registered domain name: portconnfcuu[.]com
Legit Federal Credit Union domain name: oufcu[.]com
Attacker-registered domain name: oufcv[.]com
Keywords related to “password reset” and “password expiry”
As per the report, some of the domain names used keywords related to “password reset” and “password expiry” reminders. It may be the case that the theme of the corresponding phishing emails was also related to such keywords
expiryrequest-mailaccess[.]com
expirationrequest-passwordreminder[.]com
emailaccess-passwordnotice[.]com
emailaccess-expirynotification[.]com
The report stresses that there are several other domains involved in this active campaign, and not all of them follow a certain pattern.

FOLLOW US ON SOCIAL MEDIA

FacebookTwitterInstagramKOO APPYOUTUBE



https://timesofindia.indiatimes.com/gadgets-news/microsoft-outlook-users-opening-emails-with-these-subject-lines-and-domains-can-be-dangerous/articleshow/93325063.cms

Advertising

Share This

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on reddit
Share on tumblr
Share on telegram
Share on whatsapp
Share on skype
Share on email

Leave a Reply

Related Post

Advertising