Menu

  • Alerts
  • Incidents
  • News
  • Cyber Briefing
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Tutorials

Useful Tools

  • Password Generator
No Result
View All Result
Monday, December 4, 2023
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
    • Cyber Briefing
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
Get Help
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
    • Cyber Briefing
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
Get Help
No Result
View All Result
CyberMaterial
No Result
View All Result
Home Alerts

Phishing Campaign Hits Executives

October 4, 2023
Reading Time: 2 mins read
in Alerts

A sophisticated phishing campaign has recently come to light, with its primary target being key executives in U.S.-based organizations who use Microsoft 365 accounts. This campaign exploits open redirects on the widely-used job listing website Indeed.com to launch its attacks.

By leveraging the EvilProxy phishing service, threat actors can harvest session cookies, which enables them to circumvent multi-factor authentication (MFA) safeguards. Researchers from Menlo Security have identified that the victims of this phishing campaign predominantly include high-ranking employees from various sectors, such as electronic manufacturing, banking, real estate, insurance, and property management.

Open redirects are legitimate URL links used to direct users automatically to other online locations, often third-party websites. However, cybercriminals exploit open redirects, which are vulnerabilities in website code, to redirect users to phishing pages, taking advantage of the trustworthiness of the original link.

In this particular campaign, attackers employ an open redirect on Indeed.com, an American job listing platform. Victims receive seemingly legitimate emails containing an Indeed.com link that, when clicked, leads them to a phishing site posing as a reverse proxy for Microsoft’s login page.

EvilProxy serves as a phishing-as-a-service platform, using reverse proxies to mediate communication between the target and the actual online service, in this case, Microsoft. When victims access their accounts through this phishing server, which closely mimics the authentic login page, the attackers can capture authentication cookies.

Since users have already completed MFA during login, these acquired cookies provide cybercriminals with full access to victims’ accounts. To combat this growing threat, researchers have identified various artifacts from the attack, linking it to EvilProxy, and further efforts are being made to identify and apprehend the masterminds behind this campaign.

Reference:
  • EvilProxy Phishing Attack Strikes Indeed
Tags: AuthenticationCyber AlertCyber Alerts 2023Cyber AttacksCybersecurityEvilProxyMicrosoftMicrosoft 365October 2023PhishingPhishing attackPhishing CampaignUSAVulnerabilities
ADVERTISEMENT

Related Posts

December 04, 2023 – Cyber Briefing

December 04, 2023 – Cyber Briefing

December 4, 2023
TrickBot Developer Convicted

TrickBot Developer Convicted

December 4, 2023
Google reduces ad personalization in AdSense

Google reduces ad personalization in AdSense

December 4, 2023
BlueVoyant Expands Cyber Capabilities

BlueVoyant Expands Cyber Capabilities

December 4, 2023
Chrome’s cache update may enhance speed

Chrome’s cache update may enhance speed

December 4, 2023
UK AI Data Bill Advances Despite Concerns

UK AI Data Bill Advances Despite Concerns

December 4, 2023

Latest Alerts

Turtle macOS ransomware alert

Attack extracts ChatGPT training data

CISA warns on Iranian cyber threat

Mac Users Targeted by Proxy Trojan Threat

New Backdoor Agent Racoon

Zyxel Alerts Critical Flaws in NAS

Subscribe to our newsletter

    Latest Incidents

    Surgery Center Alerts 437K on Data Theft

    Tipalti Hackers Threaten Data Leak

    Hacker Targets Safe Wallet, Stealing $2M

    Hackers breach Israeli hospital

    Credit Union Ransomware Outage Concerns

    Honey Birdette Faces Data Breach

    Next Post

    Counterfeit npm Packages Threaten Developers

    • About Us
    • Contact Us
    • Legal and Privacy Policy
    • Site Map

    © 2023 | CyberMaterial | All rights reserved

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Briefing
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials

    Copyright © 2023 CyberMaterial

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist