Microsoft Mail users targetted in new phishing campaign

4 min. read

Published onAugust 4, 2022

published onAugust 4, 2022

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

Read very carefully what we’re about to write in this article, as nobody is safe from attackers and the methods they are presently using.

To be more specific, Microsoft email service users need to really be on the lookout becauseZscaler, a cybersecurity research company, just discovered a new ongoing phishing campaign targeting Microsoft email users.

Not to scare you but, according to the firm, corporate users are under attack and the campaign is being run using adversary-in-the-middle (AiTM) technique to bypass multi-factor authentication.

Phishing campaign uses AiTM method to steal your credentials

Even the Redmond tech giant acknowledged this problem back in July when it created ablog postmeant to warn users about the impending danger.

To bring you up to speed, this AiTM technique places an adversary in the middle in order to intercept the authentication process between the client and the server.

Needless to say that, during this exchange, all of your credentials are as good as gone, as malicious third parties will have them as a result.

And, as you would have expected, this also means the MFA information is stolen. Therefore, the adversary in the middle acts like the server to the real client and the client to the real server.

As the security experts explained, this campaign is specifically designed to reach end users in enterprises that use Microsoft’s email services.

Remember that Business email compromise (BEC) continues to be an ever-present threat to organizations and this campaign further highlights the need to protect against such attacks.

These are some of the key points that cybersecurity experts have summarized, as a result of analyzing the threat at hand:

Per our analysis of the original emails using the Federal Credit Union theme, we observed an interesting pattern. These emails originated from the email addresses of the chief executives of the respective Federal Credit Union organizations.

Allow us to also mention that some of the attacker-registered domains were typosquatted versions of legit Federal Credit Unions in the US.

Nowadays, the line between online safety and compromising your entire operation is so fine, you’d need an atomic microscope to see it.

That’s why we always preach safety, which means:

It’s all up to you to stay safe in this everchanging online jungle, so be sure to take all the safety measures you need, in order to avoid disaster.

Have you received any such emails lately? Share your experience with us in the comments section below.

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Microsoft Mail users targetted in new phishing campaign#

Phishing campaign uses AiTM method to steal your credentials#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft Mail users targetted in new phishing campaign

Phishing campaign uses AiTM method to steal your credentials