This article has been indexed from Softpedia News / Security
Microsoft researchers identified a new phishing campaign that is incredibly clever and can get past a variety of detections, according to Threat Post. Hackers use Microsoft SharePoint lures and spoof sender addresses to trick victims into providing them with their credentials.
A tweet from Microsoft Security Intelligence unveiled a new phishing campaign involving SharePoint. The campaign targets organizations that use Microsoft Office 365 via the much-appraised file-sharing functionality of SharePoint. The effort imitates legitimate services to fool email filters and generates fake sender addresses that contain the usernames and domains of the intended recipients.
If the victim receives an email that appears to be from a colleague, it may contain a link to a phishing page that inform…
Read the original article: SharePoint File-Shares Exploited in Phishing Campaign