Phishers Target Microsoft & Google Public Cloud Users

Uploaded on 2020-10-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

A series of massive phishing campaigns are targeting public cloud users and the hackers are primarily looking for accounts on Microsoft's Office 365 and Google's Gmail platforms. 

Attacks are aimed at stealing corporate Microsoft Office 365  usernames and passwords is targeting a wide range of organisations and is trying to use CAPTCHA imagess (an automated challenge-response test) as a technique to lull victims into a fall sense of security.

Analysts at GreatHorn Threat Intelligence point to a phishing operation that is taking victims to fraudulent Office 365 login pages where credentials are stolen and loaders installed. 

GreatHorn has discovered these massive cyber attack propagating via open redirector domains and subsidiary domains belonging to multiple global brands, spreading through tens of thousands of mailboxes and targeting business users across industries, geographies, and companies. These attacks attempt to steal corporate email credentials, coupled with malicious JavaScript that deploys various Trojans and malware on any user who visits these pages, regardless of whether they submit their credentials or not. 

GreatHorn has also identified that senior executives and finance personnel are being targeted within the phishing campaigns. 

The similarity across the campaigns leads GreatHorn Threat Intelligence to believe it is a singular entity behind the attacks.The attackers appear to be attempting to evade detection by spoofing well-known applications, including Microsoft Office, Zoom, Microsoft Teams, and more. Also analysts at the cloud security specialist at Menlo Security say a campaign is using multiple CAPTCHA images to convince victims, primarily in the hospitality industry, to give up their credentials and personal information.

For organisations who are using role-based email security, users within these roles can be placed on more restrictive policies to minimise the risk associated with these attacks. Industries targeted by the attacks include finance, technology, manufacturing, government, pharmaceuticals, oil and gas, hospitality and more.

To protect against this and other phishing attacks, users should be wary of opening any links or attachments in emails that come from an unknown source - always check the source first before opening the email.

GreatHorn:          Dark Reading:         ZDNet:         KKHackLabs

You Might Also Read:

Cyber Security Teams Worry Most About Phishing & Ransomware:

 

« Voter Data Being Used To Disrupt US Election
Facebook & Google Will Be Regulated »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Tukan IT

Tukan IT

Tukan IT provides a data classification and protection solution.

Dionach

Dionach

Dionach are a certified information security specialists who provide Penetration Testing, IT Security Auditing and Information Security Consultancy.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

Cybersecurity Collaboration Forum

Cybersecurity Collaboration Forum

The mission of the Cybersecurity Collaboration Forum is to foster information security communication and idea sharing across the C-Suite, enabling leaders to better protect their enterprises.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

CyNam

CyNam

CyNam is a platform for enabling the growth and development of people and organisations within Cheltenham’s flourishing cyber technology ecosystem.

ADVA Optical Networking

ADVA Optical Networking

ADVA is a company founded on innovation and focused on helping our customers succeed. Our technology forms the building blocks of a shared digital future and empowers networks across the globe.

HiScout

HiScout

HiScout is your integrated management system for IT governance, risk & compliance.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

CyRiSo

CyRiSo

CyRiSo is a cyber security consulting company with a focus on 'as-a-service' services for the most pressing challenges of cyber security.