Dozens of organizations have been targeted by a sophisticated phishing campaign that uses attractive AitM techniques to carry out the attacks.
Once the attacker has gained persistence, he exfiltrates data from the compromised account and uses his access to spread the phishing attacks against other victim’s employees along with several external targeted organizations.
The findings come less than a week after Microsoft detailed a similar combination of an AITM phishing and a BEC attack aimed at banking and financial services organizations.
Besides personalizing the emails to the intended victim, the attacker can also impersonate a trusted figure to achieve their goals.
UPCOMING WEBINAR Mastering API Security: Understanding Your True Attack Surface Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply