During the last weeks of October, a new phishing campaign that targets executives in an attempt to steal their Office 365 passwords was observed by researchers at McAfee Labs. The phishing emails appear to be a voicemail notification, and emails typically include an attached audio recording that sounds like a voicemail message. The email contains an attached HTML file that will redirect to a phishing website controlled by the attackers. The phishing website appears to be an Office 365 login page, and it auto-fills the targeted person’s email address. If the targeted person enters their password into the login form, the attacker collects the password and the website redirects to the real Office 365 login page to avoid suspicion.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased