Tech Republic reported:
Check Point’s Harmony Email & Collaboration team detected over 5,000 emails disguised as Microsoft product notifications, which could lead to email extortion, the cybersecurity company said on Oct. 2. The emails stand out for their polished appearance and the inclusion of legitimate links.
The emails come from “organizational domains impersonating legitimate administrators,” making them appear as if they came from an internal administrator, colleague, or business partner. The fake emails link to legitimate Microsoft or Bing pages, making it difficult for even security-conscious employees scanning for suspicious URLs to detect the scam.
Check Point noted that logging in to a fake email — thereby giving the attacker your login information — can “lead to email account takeover, ransomware, information theft or other negative outcomes.” The team did not provide any information about whether the attackers had succeeded in exploiting anyone so far.
The emails come from “organizational domains impersonating legitimate administrators,” making them appear as if they came from an internal administrator, colleague, or business partner. The fake emails link to legitimate Microsoft or Bing pages, making it difficult for even security-conscious employees scanning for suspicious URLs to detect the scam.
Check Point noted that logging in to a fake email — thereby giving the attacker your login information — can “lead to email account takeover, ransomware, information theft or other negative outcomes.” The team did not provide any information about whether the attackers had succeeded in exploiting anyone so far.
Find the original article here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat