Phishers Target Microsoft & Google Public Cloud Users

Uploaded on 2020-10-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

A series of massive phishing campaigns are targeting public cloud users and the hackers are primarily looking for accounts on Microsoft's Office 365 and Google's Gmail platforms. 

Attacks are aimed at stealing corporate Microsoft Office 365  usernames and passwords is targeting a wide range of organisations and is trying to use CAPTCHA imagess (an automated challenge-response test) as a technique to lull victims into a fall sense of security.

Analysts at GreatHorn Threat Intelligence point to a phishing operation that is taking victims to fraudulent Office 365 login pages where credentials are stolen and loaders installed. 

GreatHorn has discovered these massive cyber attack propagating via open redirector domains and subsidiary domains belonging to multiple global brands, spreading through tens of thousands of mailboxes and targeting business users across industries, geographies, and companies. These attacks attempt to steal corporate email credentials, coupled with malicious JavaScript that deploys various Trojans and malware on any user who visits these pages, regardless of whether they submit their credentials or not. 

GreatHorn has also identified that senior executives and finance personnel are being targeted within the phishing campaigns. 

The similarity across the campaigns leads GreatHorn Threat Intelligence to believe it is a singular entity behind the attacks.The attackers appear to be attempting to evade detection by spoofing well-known applications, including Microsoft Office, Zoom, Microsoft Teams, and more. Also analysts at the cloud security specialist at Menlo Security say a campaign is using multiple CAPTCHA images to convince victims, primarily in the hospitality industry, to give up their credentials and personal information.

For organisations who are using role-based email security, users within these roles can be placed on more restrictive policies to minimise the risk associated with these attacks. Industries targeted by the attacks include finance, technology, manufacturing, government, pharmaceuticals, oil and gas, hospitality and more.

To protect against this and other phishing attacks, users should be wary of opening any links or attachments in emails that come from an unknown source - always check the source first before opening the email.

GreatHorn:          Dark Reading:         ZDNet:         KKHackLabs

You Might Also Read:

Cyber Security Teams Worry Most About Phishing & Ransomware:

 

« Voter Data Being Used To Disrupt US Election
Facebook & Google Will Be Regulated »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

Veridify Security

Veridify Security

Veridify Security (formerly SecureRF), develops and licenses quantum-resistant, public-key security tools for the low-resource processors powering the Internet of Things.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

Shift5

Shift5

Shift5 focus on securing operational technology (OT) by building best-in-class, dual-use products serving military and commercial entities.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

WhiteHawk

WhiteHawk

WhiteHawk is the first online Cyber Security Exchange. We help you understand your cyber risk and match you to tailored and affordable solutions.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

DTS Systeme

DTS Systeme

DTS Systeme is an IT service provider with a focus on the core areas of datacenter, technologies and IT security.

Gradient Cyber

Gradient Cyber

Gradient Cyber offer mid-market organizations enterprise-grade threat detection and response services at a fraction of the cost of an in-house SOC.

Exalens

Exalens

With deep roots in AI-driven cyber-physical security research and intrusion detection, at Exalens, we are enhancing operational resilience for cyber-physical systems at the OT edge.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Lightpoint Global

Lightpoint Global

Lightpoint Global is a bespoke software development company. We also provide a spectrum of services such as IT consulting, business analysis, QA and testing, and DevOps services.

Koop

Koop

Koop’s trust management platform helps navigate the complexities of regulatory compliance, security reviews, and liability insurance in a single place.