Abnormal Security has released its latest blog of a phishing campaign exploiting Dropbox’s platform—blending genuine email elements with adversary-in-the-middle (AiTM) tactics to steal login credentials.
In this attack, the email claims “Human Resources” has shared a document regarding annual salary increases and open enrolment on Dropbox. Clicking the “View on Dropbox” button sends recipients to Dropbox’s legitimate site, where they are instructed to provide Dropbox login credentials to view the file. What makes this attack unique is that it originated from a trusted sender and includes legitimate embedded links.
From there, employees are redirected to a spoofed Microsoft OneDrive portal and prompted to provide their Microsoft login credentials where credentials are ultimately stolen.
You can read the blog post here: https://abnormalsecurity.com/blog/adversary-in-the-middle-dropbox-phishing-open-enrollment
Like this:
Like Loading...
Related
This entry was posted on November 18, 2024 at 9:00 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Phishing Attack Leverages AiTM Tactics to Steal Credentials From Legitimate Dropbox Website During Open Enrolment Period
Abnormal Security has released its latest blog of a phishing campaign exploiting Dropbox’s platform—blending genuine email elements with adversary-in-the-middle (AiTM) tactics to steal login credentials.
In this attack, the email claims “Human Resources” has shared a document regarding annual salary increases and open enrolment on Dropbox. Clicking the “View on Dropbox” button sends recipients to Dropbox’s legitimate site, where they are instructed to provide Dropbox login credentials to view the file. What makes this attack unique is that it originated from a trusted sender and includes legitimate embedded links.
From there, employees are redirected to a spoofed Microsoft OneDrive portal and prompted to provide their Microsoft login credentials where credentials are ultimately stolen.
You can read the blog post here: https://abnormalsecurity.com/blog/adversary-in-the-middle-dropbox-phishing-open-enrollment
Share this:
Like this:
Related
This entry was posted on November 18, 2024 at 9:00 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.