A new phishing campaign that aims to steal passwords is currently under way. The attackers use a phishing kit built from pieces of code copied from other hackers.

Phishing kit

A phishing kit is software that facilitates the attacks. According to Microsoft, this phishing kit is made up of several elements that have been repackaged and are readily available for sale to willing buyers. Microsoft has since branded the kit ZooToday and has discovered that it makes use of the WorkMail domain AwsApps[.]com. It then sends out emails with links to phishing pages that mimic the Microsoft 365 login page.

Not large scale enough

Compared to other phishing attacks, this one appears to be low-budget, as it does not attack any specific organization. It randomly generates domain names, making the chances of attacking a real firm really slim but not entirely impossible. The technique used is what caught Microsoft's attention, since it copies the company's zero-point font obfuscation. This is HTML text with a font size of zero in an email, which aims to avoid human detection.

Microsoft 365

A large number of the targeted attacks were found to be similar to the Microsoft 365 sign-in page. Another unusual activity was that the harvested data remained on the site and was not shared elsewhere. Although no party has come forward to claim ownership, Microsoft strongly believes this is a single-operation attack.

What are some of the steps you are taking to protect yourself from spoof emails? Let us know in the comment section below.
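
The zero font size text described above can be surfaced by a mail filter. The following is an added example, not code from Microsoft or from the kit: a scanner that separates the text a reader sees from text hidden with an inline zero font size, so the two can be compared or the message flagged. The names `ZeroFontScanner`, `scan` and `SAMPLE` are assumptions, and the sample body is constructed.

```python
import re
from html.parser import HTMLParser

# Matches an inline font-size of exactly zero (0, 0px, 0.0pt, 0em, ...).
ZERO_FONT = re.compile(r"font-size\s*:\s*0+(?:\.0+)?(?:px|pt|em|rem|%)?\s*(?:;|!|$)", re.I)
ANY_FONT = re.compile(r"font-size\s*:", re.I)
VOID = {"br", "img", "hr", "input", "meta", "link", "wbr", "area", "base", "col"}

class ZeroFontScanner(HTMLParser):
    """Splits the text of an HTML body into rendered and zero-size parts."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []    # (tag, hidden) for every open element
        self.rendered, self.hidden, self.raw = [], [], []

    def handle_starttag(self, tag, attrs):
        if tag in VOID:    # void elements never get an end tag
            return
        style = dict(attrs).get("style") or ""
        hidden = bool(self.stack) and self.stack[-1][1]   # font-size is inherited
        if ZERO_FONT.search(style):
            hidden = True
        elif ANY_FONT.search(style):
            # Simplification: any other explicit size is treated as visible.
            hidden = False
        self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Tolerate unclosed tags: unwind to the nearest matching open element.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        hidden = bool(self.stack) and self.stack[-1][1]
        (self.hidden if hidden else self.rendered).append(data)
        self.raw.append(data)

def scan(html_body):
    """Return the text a reader sees, the zero-size text, and the raw text."""
    p = ZeroFontScanner()
    p.feed(html_body)
    p.close()
    return {k: "".join(getattr(p, k)) for k in ("rendered", "hidden", "raw")}

# Constructed sample body, not taken from the campaign.
SAMPLE = ('<p>Your Micro<span style="font-size:0px">xkq</span>soft 3'
          '<span style="FONT-SIZE: 0">zz</span>65 pass<span style="font-size:0">jj'
          '</span>word expires today.</p>')
```

A non-empty `hidden` value is a useful signal on its own, and keyword or brand matching should run on `rendered` rather than `raw`. Zero sizes set through a stylesheet class instead of an inline `style` attribute are outside what this scanner checks.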
