Microsoft reported:
Find the original article here.
Takeaway: Use a password manager to both store passwords and store sign-in URLs so you don't click links in emails.
Enroll in training sessions: on the last Thursday of every month there is training on fraud, new scam alerts, and how to combat them.
Microsoft Defender Researchers uncovered a multi‑stage adversary‑in‑the‑middle (AiTM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector, resulting in the compromise of various user accounts.
The 7-Steps:
- The attacker gained initial access to a user's inbox via a SharePoint URL
- The attacker used the SharePoint service to host the phishing campaign
- The URL redirected users to a credential prompt (the AiTM phishing page)
- The attacker created an inbox rule to delete all incoming emails, hiding replies and alerts from the mailbox owner
- Phishing emails were sent to the victim's contacts
- When contacts replied to ask whether the email was legitimate, the attacker answered that it was
- Contacts who clicked the phishing URL were targeted in a further attack
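The fourth step above, an inbox rule that deletes every incoming message, is one of the clearest detection points in this campaign, because the rule is recorded in mailbox audit logs even when the credential theft itself leaves little trace. The following is an added example written for this summary, not code from Microsoft or the original report. It scans a handful of constructed, JSON-line audit records (the `Operation`, `UserId`, `ClientIP` and `Parameters` field names are modelled loosely on Microsoft 365 audit entries and are an assumption, not the official schema) and flags rule creations that delete or trash mail without any sender or subject condition, i.e. "delete everything" rules.

```python
"""Flag inbox rules that silently delete all incoming mail.

Added example for this page. The record layout is an assumption modelled
loosely on Microsoft 365 audit events; adapt the field names to your source.
"""
import json

# Constructed sample audit records (not real data, not from the report).
SAMPLE_AUDIT_LOG = [
    json.dumps({
        "Operation": "New-InboxRule",
        "UserId": "alice@example.test",
        "ClientIP": "203.0.113.45",
        "Parameters": [
            {"Name": "Name", "Value": "."},
            {"Name": "DeleteMessage", "Value": "True"},
            {"Name": "MarkAsRead", "Value": "True"},
        ],
    }),
    json.dumps({
        "Operation": "New-InboxRule",
        "UserId": "bob@example.test",
        "ClientIP": "198.51.100.7",
        "Parameters": [
            {"Name": "Name", "Value": "Newsletters"},
            {"Name": "From", "Value": "news@vendor.test"},
            {"Name": "MoveToFolder", "Value": "Newsletters"},
        ],
    }),
    json.dumps({
        "Operation": "UserLoggedIn",
        "UserId": "alice@example.test",
        "ClientIP": "203.0.113.45",
    }),
]

# Operations that create or modify a mailbox rule.
RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule"}
# Rule actions that make mail disappear from the user's view.
DESTRUCTIVE_ACTIONS = {"DeleteMessage", "MoveToDeletedItems", "SoftDeleteMessage"}
# Rule conditions that narrow a rule to specific mail; their absence means
# the rule applies to every incoming message.
CONDITION_KEYS = {
    "From", "SentTo", "SubjectContainsWords", "BodyContainsWords",
    "SubjectOrBodyContainsWords", "HasAttachment",
}


def rule_parameters(record):
    """Flatten the name/value parameter list into a dict."""
    return {p["Name"]: p["Value"] for p in record.get("Parameters", [])}


def is_delete_all_rule(record):
    """True when a rule operation deletes or trashes mail with no condition."""
    if record.get("Operation") not in RULE_OPERATIONS:
        return False
    params = rule_parameters(record)
    destructive = any(
        str(params.get(action, "")).lower() == "true" for action in DESTRUCTIVE_ACTIONS
    )
    has_condition = any(key in params for key in CONDITION_KEYS)
    return destructive and not has_condition


def find_suspicious_rules(log_lines):
    """Return one finding per delete-all rule found in the JSON-line log."""
    findings = []
    for line in log_lines:
        record = json.loads(line)
        if is_delete_all_rule(record):
            params = rule_parameters(record)
            findings.append({
                "user": record.get("UserId"),
                "client_ip": record.get("ClientIP"),
                "rule_name": params.get("Name", ""),
            })
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_rules(SAMPLE_AUDIT_LOG):
        print("delete-all inbox rule:", finding)
```

The benign "Newsletters" rule is not flagged because it moves mail to a folder and is limited by a `From` condition; the rule on Alice's mailbox is flagged because it deletes mail with no condition at all. In practice the flagged user and client IP are the pivot for the rest of the investigation described above: the sign-in that created the rule, and any outbound mail sent from that mailbox afterwards.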
