
Recent AD News

Attackers turn to fake reCAPTCHA to con Microsoft 365 users in a new phishing attack

Microsoft 365 users have received a slew of phishing emails as part of an ongoing attack aimed at stealing Microsoft 365 credentials. To make the emails look more realistic and legitimate, attackers are adding a fake Google reCAPTCHA system in addition to their company logos in the emails. Security researchers indicate that over 2500 such emails have been unsuccessfully sent to senior-level employees in the banking and IT sectors over the past three months.

Clicking a link in one of these phishing emails first takes the recipient to a fake Google reCAPTCHA page. Once the recipient takes the test, they are redirected to a bogus landing page from where their Microsoft 365 credentials are stolen. Another common method that attackers seem to use is sending senior members of an organization emails about a voicemail attachment. The modus operandi is similar in such attacks too.

Researchers are concerned that attackers are putting more work into making the phishing attacks look legitimate and making the landing pages fit the victim's profile. The attacks are also increasingly targeting senior business leaders, as such people have the most privileges and access to sensitive data.

Researchers also noted that most phishing pages associated with the campaign were hosted using generic top-level domains such as .xyz, .reset, and .online. These domains are commonly used by cybercriminals in spam and phishing attacks owing to their cheap availability.
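
A mail-triage check built from the traits described above, as an added example that is not part of the original article or the researchers' tooling: it tags a message when a link's host ends in one of the TLDs named here, when the subject uses a voicemail lure, and when the recipient is on a senior-staff list. The message dictionary layout, the extra lure phrase, the senior-recipient set, the two-trait threshold and all sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

WATCHED_TLDS = {"xyz", "reset", "online"}    # TLDs named in the article
LURE_WORDS = ("voicemail", "voice message")  # second phrase is an assumption
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def link_hosts(body):
    """Return the lower-cased hostnames of every http(s) link in a mail body."""
    hosts = set()
    for url in URL_RE.findall(body):
        try:
            host = urlsplit(url.rstrip(".,);")).hostname
        except ValueError:  # malformed URL, e.g. a broken IPv6 literal
            continue
        if host:
            hosts.add(host.rstrip(".").lower())
    return hosts

def triage(msg, senior_recipients):
    """List which campaign traits a message shows; an empty list means none."""
    reasons = []
    # Compare only the last DNS label, so xyz.corp.example is not a match.
    flagged = sorted(h for h in link_hosts(msg["body"])
                     if h.rsplit(".", 1)[-1] in WATCHED_TLDS)
    if flagged:
        reasons.append("watched-tld:" + ",".join(flagged))
    if any(w in msg["subject"].lower() for w in LURE_WORDS):
        reasons.append("voicemail-lure")
    if msg["to"].lower() in senior_recipients:
        reasons.append("senior-recipient")
    return reasons

def needs_review(msg, senior_recipients):
    """Escalate only when a watched-TLD link coincides with another trait."""
    reasons = triage(msg, senior_recipients)
    return len(reasons) >= 2 and reasons[0].startswith("watched-tld:")

# Constructed sample messages (not real campaign data).
SENIOR = {"cfo@corp.example"}
SAMPLES = [
    {"to": "cfo@corp.example", "subject": "New voicemail received",
     "body": '<a href="https://vm.constructed-sample.online/listen?id=1">Play</a>'},
    {"to": "dev@corp.example", "subject": "Build report",
     "body": "See https://xyz.corp.example/build/42."},
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(m["to"], needs_review(m, SENIOR), triage(m, SENIOR))
```

A TLD match on its own is a weak signal, which is why `needs_review` requires a second trait before escalating.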
