Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

At least three campaigns are now underway.

Dark Reading Staff, Dark Reading

October 17, 2020

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Researchers are warning of a series of massive phishing campaigns underway that are taking special aim at public cloud users. The campaigns are targeting accounts on Microsoft's Office 365 and Google's Gmail with tactics designed to provide a false sense of security or prey on curiosity about current events.

Researchers at Greathorn point to a campaign using open redirectors to take victims to fraudulent Office 365 login pages where credentials are stolen and loaders installed. At the same time, Toolbox reports that Menlo Security researchers say a campaign is using multiple CAPTCHA images to convince victims, primarily in the hospitality industry, to give up their credentials and personal information.

A third campaign, reported in VPN Overview, is using curiosity around US President Donald Trump's recent COVID-19 diagnosis to lure victims to click on links that download loaders associated with ransomware attacks.

Read more here.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights