Source |
CSO |
Identifiant |
5676476 |
Date de publication |
2022-07-12 14:20:00 (vue: 2022-07-12 22:05:32) |
Titre |
Office 365 phishing campaign that can bypass MFA targets 10,000 organizations |
Texte |
Security researchers from Microsoft have uncovered a large-scale phishing campaign that uses HTTPS proxying techniques to hijack Office 365 accounts. The attack is capable of bypassing multi-factor authentication (MFA) and has targeted over 10,000 organizations since September 2021.The goal of the campaign seems to be business email compromise (BEC), a type of attack where an employee's email account is used to trick other employees from the same organizations or external business partners to initiate fraudulent money transfers. According to the FBI's Internet Crime Complaint Center (IC3), BEC attacks have led to over $43 billion in losses between June 2016 and December 2021.To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
$43 000 2016 2021 365 according account accounts article attack attacks authentication bec between billion business bypass bypassing campaign can capable center click complaint compromise crime december email employee employees external factor fbi fraudulent from full goal has have here hijack https ic3 initiate internet june large led losses mfa microsoft money multi office organizations other over partners phishing please proxying read researchers same scale security seems september since targeted targets techniques transfers trick type uncovered used uses where |
Tags |
|
Stories |
|
Notes |
|
Move |
|