Due to the convergence of technology and tech-enabled devices, public cloud infrastructure has become cybercriminals’ one of the favorite attack surfaces. Recently, researchers have warned about at least three ongoing massive phishing campaigns targeting the users in public cloud servers.
The three phishing campaigns
In comprehensive and mTo ulti-pronged attacks, cybercriminals have managed to make headlines repeatedly using various innovative tactics.
- In a recent phishing campaign, cybercriminals were using open redirector domains and subsidiary domains belonging to multiple global brands, such as Microsoft, Google, and, to target business users across multiple industries, locations, and organizations by hosting fake Office 365 login pages.
- In another campaign, phishers were tricking individuals into clicking malicious links, related to the U.S. President Donald Trump’s Covid-19 illness, to download loaders (such as BazarLoader backdoor trojan) associated with ransomware attacks.
- In another wave of phishing campaigns, attackers were seen deploying socially engineered landing pages with layers of CAPTCHA-based verification to trick the victims, primarily in the hospitality sector, into taking the bait.
Other actors lurking in the dark
In October, several sophisticated threat actors were observed making use of various tricks and malware to launch phishing campaigns.
- Iranian APT group MuddyWater was identified using phishing emails as a primary vector to carry malicious decoy documents (Excel or PDF) that, when opened, would download and install PowGoop malware from the hackers’ servers.
- TrickBot operators were seen launching phishing attacks using the stealthy BazarLoader trojan to deploy the Ryuk ransomware on high-value targets.
Phishing scams a real challenge
More complex and pernicious tactics of cybercriminals are an obstacle to an organization’s growth. Experts recommend organizations and individuals to pay close attention to the red flags, deploy spam filters, antivirus, web filters, encryption, and monitoring tools.
To read the original article: