New Research: Fake Invoice Attack with Malware Bypasses Office 365, Targeting 100,000 Mailboxes 

Armorblox has a deep dive into their latest analysis on an attack targeting end users across a large, national institution within the Education Industry with an email almost identical to an invoice reminder notification from a trusted vendor. 

Upon opening the attachment, unsuspecting victims were met with a message that seemed to be from Microsoft informing the recipient that he or she was being taken to the organization’s sign-in page. No matter if the end user immediately closed the attachment or waited to be navigated through, just opening the attachment initiated the installation of malware onto the user’s machine. 

Further details of this attack can be found in the blog, including:

  • What techniques were used to get past traditional email security filters and pass the eye tests of unsuspecting users?
  • How this attack  bypassed Microsoft Office 365 email security, potentially compromising more than 100,000 mailboxes.
  • Guidance and recommendations that can be used to prevent similar attacks.

You can read the deep dive here.

Leave a Reply