BitDam Detects New Phishing Trends in October

October brought a continued uptick in tailored O365 fake login pages and the identification of new methods to obtain personal information from the unsuspecting.

 

BitDam, through this ongoing monthly series, today announced its detection of the leading phishing trends throughout October 2020, including the ongoing popularity of using customized Microsoft pages to lure victims into entering their personal information. October’s findings include:

Tailored O365 Fake Login Pages

  • Instead of using the generic Office365 login page to steal Microsoft credentials, hackers used branded Office365 login pages that targeted a specific organization, faking that organization’s branding (including logo and domain).
  • BitDam noticed a dramatic increase in the prevalence of these attacks, which were very rare until August 2020.
  • More details here

Use of Office forms for credential theft

  • Instead of taking control over a credible domain or buying a domain that might look suspicious, some attackers use forms such as Office Forms or Google Forms and ask victims to enter their credentials.
  • What drives the user to these online forms is a convincing email message such as “Your password is about to expire” or “To retrieve your email, please click here”. Even though such attacks will not look real to a suspicious eye, they might fool some less experienced people. Additionally, anti-phishing engines will not typically detect these links as malicious.
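
Because the link itself points at a legitimate form service, a mail filter has to combine the link's destination with the wording of the message. The following sketch is an added example, not BitDam's detection logic; the hostnames, the third lure pattern, the verdict names and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Hosted-form services (Office Forms, Google Forms). Hostnames and required
# path prefixes are this example's assumption; the page names only the products.
FORM_HOSTS = {"forms.office.com": "", "forms.gle": "", "docs.google.com": "/forms"}

# The first two lures are quoted on the page; the third is an assumed variant.
LURE_PATTERNS = [
    r"password\s+is\s+about\s+to\s+expire",
    r"retrieve\s+your\s+e-?mail",
    r"verify\s+your\s+(account|mailbox)",
]

URL_RE = re.compile(r'https?://[^\s<>"]+', re.IGNORECASE)


def form_links(body):
    """Return URLs in the message body that point at a hosted-form service."""
    hits = []
    for raw in URL_RE.findall(body):
        url = raw.rstrip(".,;)")
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        prefix = FORM_HOSTS.get(host)  # exact host match only
        if prefix is not None and parsed.path.startswith(prefix):
            hits.append(url)
    return hits


def triage(body):
    """Combine link destination and lure wording into a verdict."""
    links = form_links(body)
    lures = [p for p in LURE_PATTERNS if re.search(p, body, re.IGNORECASE)]
    if links and lures:
        verdict = "quarantine"  # credential lure that leads to a hosted form
    elif links:
        verdict = "review"      # hosted forms are common in legitimate mail
    else:
        verdict = "pass"
    return {"verdict": verdict, "links": links, "lures": lures}


# Constructed sample messages, not real phishing mail.
SAMPLES = [
    "Your password is about to expire. Keep it here: https://forms.office.com/r/EXAMPLE123",
    "Please fill in the lunch survey: https://docs.google.com/forms/d/e/EXAMPLE/viewform",
    "The quarterly report is at https://docs.google.com/document/d/EXAMPLE/edit",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(triage(sample))
```

The "review" verdict is deliberately weaker than "quarantine": a form link alone says nothing about intent, so the lure wording is what raises the score.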

The US Election as a Phishing Tool

  • As expected, bad actors have taken advantage of the US election, using fake voter registration forms to steal information, including email credentials and bank account details.

“October was marked by the enemy we know as well as some new phishing attempts, created to take advantage of current events such as the US Election,” said Liron Barak, CEO of BitDam. “Here at BitDam, we are constantly watching the trends of bad actors and the past month’s findings show that Microsoft-based attacks continue to grow and become more sophisticated. We have the tools to help our customers mitigate any potential damage these phishing attacks can cause. We’ll keep sharing each month’s findings in the hope we can slow down the ever-present evolution of phishing attacks and evasion techniques.”

 
