Rewterz Threat Alert – Microsoft Office 365 Admins Targeted by Ongoing Phishing Campaign
November 18, 2019
Severity
Medium
Analysis Summary
A silly phishing campaign is underway in which the attackers state that the target’s password will expire and be changed unless they log in and confirm that they want to keep it the same. The phishing email states that users need to click on the “Keep same password” button or their password will expire. Given below is the email body.
Once the target clicks on the “Keep same password” link, they will be brought to a page asking them to log in to their mail server.
When the user enters their login credentials, the attackers capture them and are able to access the email account.
Impact
- Credential Theft
- Unauthorized Access
Remediation
- Do not respond to emails coming from untrusted sources.
- Do not enter credentials on any site you are redirected to through untrusted URLs.
- Implement employee awareness programs against phishing attacks.
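
A mail-filter style check for the lure described in the Analysis Summary, added here as an illustration and not part of the original alert or any Rewterz tooling: it flags links in a password-expiry email that lead anywhere other than the organisation's real sign-in hosts. The host allowlist, the wording pattern and the sample message are assumptions constructed for the example.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions: the organisation's sign-in hosts, and wording matching the lure described above.
TRUSTED_LOGIN_HOSTS = {"login.microsoftonline.com", "mail.example.org"}
LURE_TEXT = re.compile(r"keep\s+(the\s+)?same\s+password|password\s+(will\s+)?expire", re.I)
# Constructed sample message, not taken from the campaign.
SAMPLE = """From: IT Support <support@mail-notice.example>
Subject: Password expiry notice
Content-Type: text/html; charset=utf-8

<p>Your password will expire today.</p>
<a href="https://portal.mail-notice.example/keep">Keep same password</a>
<a href="https://login.microsoftonline.com/">Sign in</a>
"""

class LinkCollector(HTMLParser):  # collects [href, visible text] for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = False
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data

def suspicious_links(raw_message):
    """Links in a password-expiry mail that leave the trusted hosts, as (text, host)."""
    findings = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() != "text/html":
            continue
        html = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        if not LURE_TEXT.search(re.sub(r"<[^>]+>", " ", html)):
            continue  # no expiry wording: out of scope for this check
        collector = LinkCollector()
        collector.feed(html)
        for href, text in collector.links:
            host = (urlsplit(href).hostname or "").lower()
            if host and host not in TRUSTED_LOGIN_HOSTS:
                findings.append((" ".join(text.split()), host))
    return findings
```

A non-empty result is a reason to quarantine the message for review; an empty one does not prove the mail is legitimate.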