US EditionHackers Are Stealing Microsoft 365 Accounts by Abusing Link-Wrapping Services
AUG 4 – Attackers exploit trusted email link wrapping in services like Proofpoint to bypass filters and steal Microsoft 365 credentials in phishing campaigns ongoing for over two months, Cloudflare says.
7 Articles
7 Articles
Cybercriminals have come up with a new, sophisticated method to access Microsoft-365 access data: they have been misusing security functions to camouflage bad links - thus undermining well-protected e-mail systems themselves. (Continue reading)
Attackers abused technology companies' link wrapping services to disguise malicious links, leading victims to Microsoft 365 phishing pages to steal login credentials.
Cloudflare's Email Security team has uncovered a new phishing technique. Attackers are using compromised email accounts to disguise malicious links using legitimate link-wrapping services. These services, such as those used by Proofpoint or Intermedia, rewrite incoming links to trusted domains and automatically scan them—a protection mechanism that becomes a gateway here. The links appear deceptively real. The attackers shorten their links with …
Attackers steal Microsoft 365 logins with link wrapping
Cloudflare‘s email security team recently uncovered a new phishing technique. Attackers are using compromised email accounts to disguise malicious links via legitimate link wrapping services. Services like those from Proofpoint or Intermedia rewrite incoming links to trustworthy domains and scan them automatically, a protection mechanism that, in this case, becomes a gateway. The links look deceptively genuine The attackers shorten their links u…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
