An uptick in phishing attempts using a fake and badly created Office 365 credentials update form is taking place, according to a new Cofense report.
Not only is the form, which is linked to in the email, riddled with typos and capitalization errors, but it is actually a Google Forms fdocs form. Something Microsoft is unlikely to use under any circumstances.
The Cofense Phishing Defense Center found the malicious actors did go to great lengths in some respects to make their scam appear legitimate. The email itself originates from a real company, the financial services provider CIM Finance, and they used the CIM Finance website to host the emails to help bypass basic email security checks.
An additional elusive step is to use Google so the doc has an authentic SSL certificate so the recipients will believe they are being linked to a Microsoft page. However, the URL links to an external Google page.
The email claims to be from the IT corporate team and states the person’s Office 365 account has expired and unless the individual clicks the link and updates the account it will be suspended.
At this po ..
Support the originator by clicking the read the rest link below.
