In a Twitter thread, Microsoft provided insight into an ongoing spam campaign that takes advantage of compromised email marketing services such as SendGrid and Amazon SES. Because these services are legitimate, Secure Email Gateways (SEGs) won’t distinguish the sender’s content as the email marketing service is genuine on the surface. This campaign is also concerning in many ways as it also takes advantage of many who are working from home by utilizing video conference invite lures. It is estimated that approximately 400,000 credentials have been collected using these techniques in tandem.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is