Several months ago, Netskope Threat Labs uncovered a surge in PDF phishing attachments infiltrating Microsoft Live Outlook. These attacks were part of a larger series of phishing campaigns aimed to trick unsuspecting users.
Upon closer examination, it's now apparent that the majority of these campaigns centered around Amazon-themed scams, with occasional diversions into Apple and IRS-themed phishing attempts. What makes these attacks even more cunning is the perpetrators' exploitation of free services to evade detection.
Netskope Threat Labs recently delved into the root causes of an alarming increase in malware downloads from Microsoft Live Outlook. They discovered that a significant contributor to this surge was a variety of Amazon-themed phishing PDF attachments. The modus operandi of these attackers involved posing as members of the Amazon support team, sending notifications to recipients claiming their Amazon account had been suspended due to incorrect billing information.
The victims, in an attempt to resolve the issue, were instructed to update their billing information by clicking on a provided hyperlink. However, the real danger is hidden within the link. The bad actors abused various redirectors, often employing URL shorteners to obscure the actual malicious URL, making it challenging to detect their nefarious activities.
These campaigns were not indiscriminate; instead, they exhibited a focused approach. The attackers specifically targeted personal Microsoft Live Outlook accounts in North America, Southern Europe and Asia. By concentrating their efforts on these regions, the threat actors sought to maximize their chances of success.
The most unsettling aspect of this phishing campaign is the attackers' entry points. They exploited conversion trackers and redirectors to hide their malicious URLs, effectively camouflaging their attacks. By employing these tactics, the attackers increased the likelihood of phishing attempts going undetected.
As these phishing campaigns become increasingly sophisticated, it's essential for your users to remain vigilant. Be cautious when receiving unexpected messages, especially those requesting personal or financial information. Double-check the sender's email address and scrutinize any links before clicking on them. In the case of emails claiming account issues, it's always safer to navigate directly to the official website rather than clicking on links provided in the email.
The Amazon-themed phishing campaign targeting Microsoft Live Outlook users is a stark reminder to always educate your users with new-school security awareness training. By staying informed and cautious when any email hits your users' inbox, your organization can better protect themselves against these types of threats. Remember, it's better to be safe than sorry when dealing with unsolicited emails and suspicious links!
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Netskope has the full story.