When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
ShadowSpear® is an unparalleled resource that defends your organizations against advanced cyber threats and attacks 24/7/365.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
Threat actors are very intelligent when it comes to infiltrating and phishing, but this doesn’t mean they won’t make mistakes. Researchers at two security firms published a combined report where they analyzed threat actors behind a lengthy phishing campaign that left over 1,000 login credentials for Office 365 accounts exposed.
The phishing campaign has lasted over 6 months and uses multiple sites to host their phishing pages.
The phishing campaign itself was quite successful for the threat actors as they made their way around general email protection, but the stolen credentials were publicly available by simply doing a Google search. The credentials were published on a public file which Google could index.
Those behind the attack also compromised WordPress servers so they could host the PHP page given to victims of the campaign. Using emails, the threat actors collected login and password information with fake forms. One instance discovered by the security researchers was a Xerox scan within an HTML link.
SpearTip experts don’t recommend clicking links where you don’t know the sender. For those victims who did click the link, it may have been tough to realize the dialogue box wasn’t real. A JavaScript code runs once the link is clicked and checks to make sure the credentials are valid. The credentials are then shipped off to the threat actor’s server which uses the pop-up dialog box as a diversion. It displays the Microsoft dialogue box over an image with the user’s email already implemented and the password form open.
Be wary of what you’re clicking on and realize these are the types of intrusions where entire networks can be taken down. No organization wants to experience widespread disruption because it can halt operations and diminish brand value. Leave the protection of your data and environment to a trusted firm like SpearTip.
SpearTip’s Security Operations Center (SOC) specializes in preventing malware from entering networks. Our engineers work 24/7 hours a day to monitor environments for malicious activity. As threat actors continue to be pervasive, we will remain attentive to their evolution.
If your organization experiences a breach, call our incident response hotline at 833.997.7327.
Identify, neutralize, and counter cyberattacks - provide confidence in your security posture
24/7 Breach Response: US/CAN: 833.997.7327
Main Office: 800.236.6550
1714 Deer Tracks Trail, Suite 150
St. Louis, MO 63131
©2024 SpearTip, LLC. All rights reserved.