Bogus DHL Emails Enable Attackers to Hack Microsoft 365 Accounts

 

According to experts, a new phishing campaign has been discovered that impersonates logistics giant DHL in order to steal Microsoft 365 credentials from victims in the education industry. Cybersecurity researchers from Armorblox recently found a significant phishing campaign, with more than 10,000 emails sent to inboxes connected to a “private education institution”.
The email is designed to appear to be from DHL, with the company branding and tone of voice one would expect from the shipping giant. The recipient is informed in the email titled “DHL Shipping Document/Invoice Receipt” that a customer sent a parcel to the incorrect address and that the correct delivery address must be provided.
False login prompt
The email apparently includes an attachment, labeled “Shipping Document Invoice Receipt,” which, when opened, appears to be a blurred-out preview of a Microsoft Excel file.
A Microsoft login page appears over the blurred-out document, attempting to deceive people into believing they must log into their Microsoft 365 accounts in order to view the file’s contents. If victims enter their login credentials, those credentials are sent directly to the attackers.
Armorblox explained, “The email attack used language as the main attack vector in order to bypass both Microsoft Office 365 and EOP email security

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
