SEVERITY: Medium
ANALYSIS SUMMARY
After a break, office 365 phishing email campaign has resurfaced again asking the users to click on the page that redirects them to the phishing site that looks exactly like an office 365 page, asking for their credentials.
Users are sent a phishing email in which they’re told that their account has been temporarily disabled or they have limited access to the account. This campaign was previously active in 2018 and has resurfaced again after a few months gap.
This email would look like this.
The malicious phishing page demands credentials and personal information, which can be used in various kinds of malicious activities.
IMPACT
INDICATORS OF COMPROMISE
Email Address
kurasi[@]sv342[.]xserver[.]jp
REMEDIATION