10/16/2020
05:45 PM

Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

At least three campaigns are now underway.



Researchers are warning of a series of massive phishing campaigns underway that are taking special aim at public cloud users. The campaigns are targeting accounts on Microsoft's Office 365 and Google's Gmail with tactics designed to provide a false sense of security or prey on curiosity about current events.

Related Content:

Prolific Cybercrime Group Now Focused on Ransomware

2020 State of Cybersecurity Operations and Incident Response

New on The Edge: What's Really Happening in Infosec Hiring Now?

Researchers at Greathorn point to a campaign using open redirectors to take victims to fraudulent Office 365 login pages where credentials are stolen and loaders installed. At the same time, Toolbox reports that Menlo Security researchers say a campaign is using multiple CAPTCHA images to convince victims, primarily in the hospitality industry, to give up their credentials and personal information.

A third campaign, reported in VPN Overview, is using curiosity around US President Donald Trump's recent COVID-19 diagnosis to lure victims to click on links that download loaders associated with ransomware attacks.

Read more here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service