The National CERT wishes to warn the users of Microsoft Office 365 of a possible new phishing campaign where attackers try to get hold of the users’ Office 365 account login credentials.
The phishing message features fake notification about the Zoom communication platform account being taken down, with a link redirecting the user to a fake Microsoft login page. Based on the latest research, similar phishing messages appear to have reached over 50,000 email addresses so far. Taking over the credentials enables the attackers to access and abuse all the sensitive information stored in these accounts.
More info is available at the following links:
- https://www.bleepingcomputer.com/news/security/persuasive-office-365-phishing-uses-fake-zoom-suspension-alerts/
- https://abnormalsecurity.com/blog/abnormal-attack-stories-spoofed-zoom-attack/
So far, with the pandemic still increasingly present and a great deal of work being done from home, numerous abuses of communications platforms have been observed, among them the popular Zoom application. For more, please follow the National CERT’s link.