/plushcap/analysis/cloudflare/microsoft-sharepoint-covid19-phishing

Phishpoint back in full swing: an infamous Microsoft SharePoint spoof resumes with new tactics

What's this blog post about?

Area 1 Security researchers have identified a Microsoft SharePoint phishing campaign that leverages new COVID-19 restrictions to steal victims' login information. The attacker targets upper-level management and executives, using Virtual Private Servers (VPS) to send their phishing messages. The malicious links direct users to spoofed Microsoft login pages hosted on various cloud computing platforms. This campaign is difficult to detect due to its use of VPS and leading email service providers, as well as abuse of multiple cloud services throughout several stages of the attack.

Company
Cloudflare

Date published
Dec. 11, 2020

Author(s)
Elaine Dzuba

Word count
1098

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.