You’ve Got Mail: New Phishing Attack impersonates DHL for User Credentials

Armorblox has released its latest research that dives into the details of a credential phishing attack that spoofed the international shipping, courier services and transportation company, DHL. 

These emails, targeting more than 10,000 mailboxes of a private institution within the education industry, bypassed both native Microsoft Office 365 Email security and Exchange Online Protection (EOP) email security layers.

How it works: In this attack, end users were presented with an email that resembled a notification from DHL, notifying recipients about a parcel sent by a customer that needed to be rerouted to the correct delivery address. Users were encouraged to view the attached document and confirm the destination address of the parcel shipment by providing Microsoft login credentials. Unknowingly, the provided sensitive information entered on the fake login page was sent straight to the attackers. 

You can read the research here.

Leave a Reply

%d bloggers like this: