An ongoing phishing campaign targeting U.S. organizations has been observed employing fake voicemail notifications to fool employees into providing their Office 365 or Outlook credentials. In this specific phishing campaign, users receive a phony email stating they have a new voicemail to listen to and are prompted to open an HTML attachment. To increase the chances of success, adversaries ensure the email's “From” field specifically references the targeted organization’s name. The HTML attachment, once opened, directs users to an attacker-controlled URL specifically created for the victim. Users first encounter a CAPTCHA check and then land on a Microsoft-themed phishing page with the ultimate goal of tricking them into entering their login credentials and thereby stealing the victim’s username and password. Users can defend against this activity by not opening suspicious emails and verifying the URL in the address bar of the browser before entering any credentials. Read more at HelpNetSecurity.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!