Beware of a sophisticated phishing attack targeting Microsoft 365 users

There is a new Microsoft 365 phishing attack spreading, and it’s been talked about in detail in the latest report from the email security service Vade. The group’s Threat Intelligence and Response Center (TIRC) was able to gather information about the attack and found that it was being executed using an email with a malicious HTML attachment with JavaScript code. Here’s what we know about the attack and how you can prevent it from finding its way to you. 

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER 

How does this phishing attack targeting Microsoft 365 work? 

The process for the attack begins when someone receives the email mentioned above with the malicious HTML attachment with JavaScript code. If that person opens this attachment, it will open up a phishing page that looks like the person has been logged out of their Microsoft 365 account and needs to log in again to view the file. It is designed to mimic the login interface of Microsoft 365 complete with the logo.  Here, the person will be asked to type in their credentials, such as their email address, phone number, or Skype, then their password so that the hackers can steal the authentication information. Once phished, the login credentials are then sent straight to the threat actors. 

We reached out to Microsoft for a comment on this phishing attack targeting Microsoft 365 but did not hear back before our deadline for publishing this article.  

Hackers exploit glitch.me to host malicious domain 

The hackers have been using the website glitch.me to host these phishing pages, including the malicious domain known as eevilcorponline. Glitch.me is typically used innocently for people to create things like websites and other online projects.  

TROUBLING MALWARE THREAT SPREADING ON FACEBOOK AND TWITTER  

Same team also discovers Adobe phishing attack 

While researching the Microsoft 365 phishing attack, the team at Vade also discovered a phishing attack that’s been posing as a legit version of Adobe. Adobe, for those who don’t know, is a renowned software company that specializes in creating multimedia and creativity tools, widely known for products like Photoshop, Illustrator, and Acrobat. 

Microsoft Corporation booth signage at CES

LAS VEGAS, NEVADA – JANUARY 06: Microsoft Corporation booth signage is displayed at CES 2023 at the Las Vegas Convention Center on January 6, 2023 in Las Vegas, Nevada. CES, the world’s largest annual consumer technology trade show, runs through January 08 and features about 3,200 exhibitors showing off their latest products and services to more than 100,000 attendees.  ((Photo by David Becker/Getty Images))

Vade found an email pretending to be from Adobe. The email tried to trick people into giving away their personal information. Vade looked at the email and found some secret codes that helped them to understand the scam better. They found a website called “ultimotempore[.]online” that was trying to trick people. They also found another website.

What can I do to protect myself? 

Protecting yourself from phishing attacks like the two mentioned above can be intimidating; however, there are a few key signs you can catch on your own as well as services that can help you. Here are some of my tips. 

 NEW MALWARE TARGETING MACOS AND CAN STEAL SENSITIVE INFORMATION FROM YOUR DEVICES  

Don’t open any suspicious attachments 

If you’re getting an email out of the blue that’s urging you to open an attachment or click on a random link, don’t fall for it. Hackers will often try to use urgency in their emails to make you feel like you have to do what they say, so use your judgment, and if something feels fishy, don’t trust it. 

Be cautious of emails asking you to enter your login information 

If you receive an email asking you to enter your login information, be cautious. It’s best to go directly to the website in question and log in there rather than clicking on a link in an email. 

Use antivirus software  

Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information. 

See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to Cyberguy.com/LockUpYourTech 

Fraud version of Microsoft

Fake version of Microsoft 365 (Vade)

A NEW MALICIOUS MALWARE IS SPECIFICALLY TARGETING IPHONES  

Double-check the email address 

Some hackers will try to pretend to be representatives from bigger companies like Microsoft and Adobe to trick you into thinking they’re legit. Before you click on anything or open any attachments, check the email address of the sender and look it up for yourself. Those bigger companies will have official email addresses, so if this one doesn’t match, you know you’re dealing with a fake. 

Kurt’s key takeaways 

Phishing attacks are something we’ve talked about often and remain a serious threat and way for cybercriminals to distribute malware. Unfortunately, they won’t be stopping any time soon. However, this doesn’t mean you have to fall victim to them. By following the tips mentioned above, you can protect yourself. So, stay vigilant and keep your guard up against these deceptive schemes to stay one step ahead of these crooks. 

Do you feel that security problems are growing or under control?  Why do you think it’s often the smaller cybersecurity firms that end up discovering these issues? Let us know by writing us at Cyberguy.com/Contact. 

Fraud version of Adobe

Fake version of Adobe (Vade)

CLICK HERE TO GET THE FOX NEWS APP

For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter. 

Copyright 2023 CyberGuy.com.  All rights reserved. 

Leave a Reply

Your email address will not be published. Required fields are marked *