Threat actors are increasing phishing attacks against Microsoft Office 365 users, according to cybersecurity firm Kaspersky. In a report, the company says there are two phishing kits being used, “MIRCBOOT” and “Iamtheboss” in the ongoing threat from multiple attackers.
Emails are in fax notification form and are masking themselves by looking like the come from major brands. Kaspersky points out Office 365 users could be fooled into thinking the emails are from legitimate sources, including Kaspersky itself.
“The phishing e-mails are usually arriving in the form of ‘fax notifications’ and lure users to fake websites collecting credentials for Microsoft online services,” the company says.
At least one of the campaigns takes advantage of Amazon Simple Email Services (SES), which allows developers to send emails from their applications. Kaspersky points out attackers are using stolen SES tokens from a third-party, that were used during the 2050.earth website development.
2050.earth is a Kaspersky website that uses an interactive map showing what futurologist believe technology will look like in the future, focusing on its impact. Threat actors were able to steal SES tokens related to the project from a third party.
“These emails have various sender addresses, including but not limited to firstname.lastname@example.org. They are sent from multiple websites including Amazon Web Services infrastructure,” Kaspersky cautions.
However, the researcher says there was no damage caused by the attack:
“No server compromise, unauthorized database access or any other malicious activity was found at 2050.earth and associated services.”
Microsoft Office 365 is one of the most targeted software platforms in the world, with phishing for credentials a big part of threats against the suite. In 2019, Kaspersky reported attacks on Microsoft’s Office brand accounted for 70% of all cyberattacks.
Tip of the day: Do you know that Windows 10 allows creating PDFs from basically any app with printing support? In our tutorial, we show you how this works via Microsoft Print to PDF and Bullzip PDF Printer to save a PDF from any app, even with advanced options like adjusted quality, multi-page printing, and password protection.