Autodesk Drive, a widely used data-sharing platform, has become the target of a sophisticated phishing campaign. Threat actors are abusing the platform to host malicious PDF files, which are then used in targeted phishing attacks aimed at stealing Microsoft login credentials.
According to reports from Cyber Security News, the attackers have compromised email accounts to send phishing emails containing links to the weaponized PDFs hosted on Autodesk Drive. To make the emails appear legitimate, they include the sender’s name and company information. When recipients click on the links, they are directed to a fake Microsoft login page designed to harvest their credentials.
What makes this attack particularly dangerous is its use of legitimate services like Autodesk Drive and Microsoft OneDrive, making it harder for users to recognize the phishing attempts. After unwittingly providing their credentials, victims are redirected to seemingly harmless documents on OneDrive, further masking the malicious nature of the attack.
Furthermore, threat actors have automated the phishing emails to adapt to the recipient’s language, increasing the likelihood of success. For instance, phishing emails sent from a Canadian company contained PDFs in French, demonstrating the attackers’ sophistication.
To protect against such attacks, organizations and individuals are urged to exercise caution when accessing links from emails, especially those containing PDF attachments hosted on Autodesk Drive. Additionally, always verify the authenticity of login forms before entering any credentials to prevent falling victim to phishing scams.
Stay vigilant and report any suspicious emails or activities to your organization’s IT security team immediately.
