Massive New Phishing Campaign Targeting Microsoft Email Services Users

Researchers warn of a new, large-scale phishing campaign targeting users of Microsoft Outlook email services.

ThreatLabz’s team discovered the new phishing kit and said it uses an adversary-in-the-middle (AiTM) model, which can be effective for evading detection by email and network security protections, as well as circumventing multi-factor authentication protections.

ThreatLabz researchers said they discovered several newly registered domains used in the active phishing campaign.

“The campaign is specifically designed to target end-users in companies using Microsoft’s email services,” according to the ThreatLabz report on the new phishing campaign. “Business Email Compromise (BEC) remains an ever-present threat to organizations, and this campaign reiterates the need to protect against such attacks.”

Stay on top of the latest cybersecurity threats, newly discovered vulnerabilities, information about data breaches and emerging trends. Delivered daily or weekly directly to your email inbox.

Subscribe

Leave a Comment