During the last weeks of October, a new phishing campaign that targets executives in an attempt to steal their Office 365 passwords was observed by researchers at McAfee Labs. The phishing emails appear to be a voicemail notification, and emails typically include an attached audio recording that sounds like a voicemail message. The email contains an attached HTML file that will redirect to a phishing website controlled by the attackers. The phishing website appears to be an Office 365 login page, and it auto-fills the targeted person’s email address. If the targeted person enters their password into the login form, the attacker collects the password and the website redirects to the real Office 365 login page to avoid suspicion.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.