Office 365 phishing attack utilizes servers from Oxford

July 3, 2020

Since many businesses use the Windows platform, adopting the O365 applications, including email, is an excellent move for any organization managing its data and communication services. Not only is it cost-effective, it also promises to ease the load on production systems and to help organize information throughout the infrastructure. With this application or subscription in place, an organization can keep up with the latest demands for mobile technology and data availability, anytime and anywhere, from any internet-connected device. However, this offering also brings vulnerability and possible exposure of the business to malicious actors.


Be careful on the Office 365 login page

In the latest news from the cyber world, researchers from Check Point recently exposed another O365 attack. Using the same modus that was revealed in 2018, the recent attack took place this April and used the Oxford University server, with the aid of Adobe Campaign, as the medium for stealing the O365 credentials of targeted businesses.

Adobe Campaign is known for its widely accepted email marketing features. It helps marketing strategists be more productive by making the emails sent to targeted clients more attractive and less likely to be ignored.


Characteristics and disguise of the Oxford 365 Attack

These characteristics, together with the use of a legitimate email domain, make this phishing attack more successful than traditional templates. Because the hackers were able to compromise the Oxford University server and make use of the Adobe Campaign feature, they were able to phish O365 credentials from the targeted organizations.

Disguised as a legitimate sender by using the email server domain of Oxford, they sent phishing emails with a 'Missed Voicemail' theme to the intended victims. Drawn in by Adobe Campaign's attractive presentation, a victim who opens the message and tries to view its full content is redirected to a fake O365 login page on an attacker-controlled domain, where the perpetrators can skim and record the username and password once they are entered. Through a sophisticated method of redirection, aided by compromised WordPress sites, the hackers were able to bypass the multi-layered security imposed by the targeted organization and avoid detection. This is how the infiltration of an organization by these unknown hackers begins.
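The redirection described above means a filter that judges only the first link host sees a reputable domain. The following is an added example, not code from Check Point or from the original article: it scores a recorded redirect chain by its final hop instead, and all `.test` hosts, the reputable-suffix list and the sample chains are constructed assumptions.

```python
from urllib.parse import urlsplit

# Hosts that legitimately serve the Microsoft sign-in page.
MS_LOGIN_HOSTS = {"login.microsoftonline.com", "login.microsoft.com", "login.live.com"}
# Constructed stand-ins for domains a mail filter might trust on reputation alone.
REPUTABLE_SUFFIXES = (".example-university.test", ".example-marketing.test")
# Title fragments that suggest the page is imitating the O365 sign-in form.
LOGIN_MARKERS = ("sign in to your account", "office 365")

def host(url):
    return (urlsplit(url).hostname or "").lower()

def is_reputable(h):
    return any(h == s[1:] or h.endswith(s) for s in REPUTABLE_SUFFIXES)

def assess_chain(hops):
    """hops: ordered (url, page_title) pairs, as a URL sandbox or proxy log records them."""
    findings = []
    first, last = host(hops[0][0]), host(hops[-1][0])
    final_title = hops[-1][1].lower()
    on_microsoft = last in MS_LOGIN_HOSTS
    # A sign-in lookalike served from anywhere but Microsoft's own login hosts.
    if any(m in final_title for m in LOGIN_MARKERS) and not on_microsoft:
        findings.append("o365-lookalike-on-foreign-host")
    # The link starts on a trusted host but ends somewhere that is not trusted.
    if is_reputable(first) and not is_reputable(last) and not on_microsoft:
        findings.append("reputable-first-hop-masks-destination")
    # Three or more distinct hosts: an intermediate site is relaying the click.
    if len({host(u) for u, _ in hops}) >= 3:
        findings.append("multi-domain-redirect-chain")
    return findings

# Constructed sample chains (no real hosts besides Microsoft's login host).
PHISH_CHAIN = [
    ("https://campaign.example-marketing.test/r/?id=abc", ""),
    ("https://blog.compromised-wp.test/go", ""),
    ("https://o365-portal.attacker.test/login", "Sign in to your account"),
]
BENIGN_CHAIN = [
    ("https://campaign.example-marketing.test/r/?id=xyz", ""),
    ("https://login.microsoftonline.com/common/oauth2/authorize", "Sign in to your account"),
]

if __name__ == "__main__":
    for name, chain in (("phish", PHISH_CHAIN), ("benign", BENIGN_CHAIN)):
        print(name, assess_chain(chain))
```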


The statistics of the attack

The number of O365 attacks appears to have risen even within the past few months of records. This type of attack was also noted in a case where almost 50,000 users were affected and Microsoft Teams alerts were used as the medium. The same applies to the reported relief payment messages that hackers sent to intended victims, disguised as emails from the UK Government Small Business Grant Funds.

As recommended, an agile cloud and mail security solution is the best investment companies can make to stay free of such attacks.
