Microsoft had a similar phishing campaign attack a few months ago with the criminals thirsty for credentials.

Servers are safe

The phishing campaign is not linked to one individual as it seems it is a multi-criminal attack. Two phishing campaign kits appear to have been used, namely Iamtheboss and another named MIRCBOOT. The servers have not been compromised, as the SES token was revoked immediately after the phishing attacks were discovered.

Sourcing for credentials

The cybercriminals made an attempt by camouflaging the phishing messages and redirecting users to the phishing landing pages. The aim was to harvest the victims’ Microsoft credentials. This enabled them to easily bypass Secure Email Gateway (SEGs) protections and access the victims’ mailboxes.

Users to stay vigilant

Although no servers were compromised or malicious activities were detected, Kaspersky advises its users to be extra vigilant and cautious when asked for their credentials. If you are unsure where the emails are coming from, you can verify the sender’s identity on Kaspersky’s blog. What are some of the tips you use to protect yourself from cyber-attacks? Share with us in the comment section below.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ