Credential phishing on the rise with Office 365 a top target

New research from Menlo Security reveals that numbers of fake login pages and forms looking to steal credential are on the increase. The majority of attacks are serving Outlook and Office 365 logins, reflecting the widespread use of these services across corporate environments. Services like Azure, One Drive, Box, Firebase, Box, and Dropbox continue to be leveraged to host phishing pages, and popular note taking app Evernote is now being used too. New attack tactics include the use of data URLs/encoding to mask content, dynamic content generation, leveraging of local HTML/PDF decoy files, dynamic loading of brand logos. Dynamically generated… [Continue Reading]