Hackers hijacked an Oxford email server to deliver malicious emails as part of a phishing campaign designed to harvest Microsoft Office 365 credentials from European, Asian, and Middle Eastern targets. The attackers also made use of domain hosted on an Adobe server and used by Samsung during 2018’s Cyber Monday event. By leveraging the reputable brands of Oxford University, Adobe, and Samsung within the same campaign, the threat actors’ attacks had everything needed to bypass their victims’ security email filters and trick the victims themselves into handing over their Office 365 credentials.
SOURCE: Bleeping Computer