Armorblox has a deep dive into their latest analysis on an attack targeting end users across a large, national institution within the Education Industry with an email almost identical to an invoice reminder notification from a trusted vendor.
Upon opening the attachment, unsuspecting victims were met with a message that seemed to be from Microsoft informing the recipient that he or she was being taken to the organization’s sign-in page. No matter if the end user immediately closed the attachment or waited to be navigated through, just opening the attachment initiated the installation of malware onto the user’s machine.
Further details of this attack can be found in the blog, including:
- What techniques were used to get past traditional email security filters and pass the eye tests of unsuspecting users?
- How this attack bypassed Microsoft Office 365 email security, potentially compromising more than 100,000 mailboxes.
- Guidance and recommendations that can be used to prevent similar attacks.
You can read the deep dive here.
Like this:
Like Loading...
Related
This entry was posted on December 8, 2022 at 9:06 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Research: Fake Invoice Attack with Malware Bypasses Office 365, Targeting 100,000 Mailboxes
Armorblox has a deep dive into their latest analysis on an attack targeting end users across a large, national institution within the Education Industry with an email almost identical to an invoice reminder notification from a trusted vendor.
Upon opening the attachment, unsuspecting victims were met with a message that seemed to be from Microsoft informing the recipient that he or she was being taken to the organization’s sign-in page. No matter if the end user immediately closed the attachment or waited to be navigated through, just opening the attachment initiated the installation of malware onto the user’s machine.
Further details of this attack can be found in the blog, including:
You can read the deep dive here.
Share this:
Like this:
Related
This entry was posted on December 8, 2022 at 9:06 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.