New Phishing Attack Spoofs Microsoft 365 Authentication System

The email security and threat detection company Vade has published a report on a recent phishing attempt that involves faking the Microsoft 365 authentication mechanism. The assault email contains a malicious HTML attachment with JavaScript code, according to Vade’s Threat Intelligence and Response Centre. The goal of this code is to collect the recipient’s email address and alter the page with information from a callback function’s variable.

When examining a rogue site, TIRC researchers decoded the base64-encoded message and discovered information about Microsoft 365 phishing assaults. The requests for phishing applications were made to eevilcorponline, according to researchers. Its source code, which was discovered using periodic-checkerglitchme, resembled the HTML file in the attachment, proving that phishers are using glitch.me to host malicious HTML sites.

New Phishing Attack Spoofs Microsoft 365 Authentication System

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

New Phishing Attack Spoofs Microsoft 365 Authentication System

09-Jul-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address