A new phishing campaign first seen in May of 2020 targets high level executives in multiple private sector industries including manufacturing, real estate, finance, and government. The fake email notifies the C-level employees that their Office 365 password has expired and provides a link that supposedly allows them to reset it. The malicious link redirects them to a phishing page that steals the employee’s credentials. Binary Defense analysts often come across compiled lists of email addresses of company executives on the Dark Web; the email addresses are usually taken from sites such as LinkedIn.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security