Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 11 June, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Microsoft: Phishing attacks abuse legitimate services

An ongoing phishing operating is abusing legitimate services to bypass secure email gateways

by SaskiaEpr
March 24, 2021
in Cyber Bites, Uncategorized
Gmail inbox
Share on FacebookShare on Twitter

The new attacks are part of an ongoing phishing operation, dubbed the “Compact” Campaign, which has been active since early 2020. The campaign, which has already stolen an estimated 400,000 OWA and Office 365 credentials has now begun abusing new legitimate services in an effort to bypass secure email gateways (SEGs). As a result, Microsoft security experts have issues a warning: “Phishers continue to find success in using compromised accounts on email marketing services to send malicious emails from legitimate IP ranges and domains. They take advantage of configuration settings that ensure delivery of emails even when the email solution detects phishing.”

Attackers are camouflaging their emails as notifications from legitimate video conferencing services, various security solutions and productivity tools to increase the chances of their emails ending up in the victims’ main inbox. Inevitably, victims are more likely to click on links that seemingly come from their trusted domains.

 

 

FacebookTweetLinkedIn
ShareTweet
Previous Post

Financial Risk Management Platform Feedzai becomes Portugal’s first tech unicorn

Next Post

Decision diversity: more equals better for the sake of a more secure organisation

Recent News

Ransomware

Clop Ransomware Gang Extorts Household Names including BBC, British Airways and Boots

June 9, 2023
code

Developers Kept Away From Coding, Estimated £10.4bn a Year Wasted

June 8, 2023
large open office, bright.

Employees Feel 10 Times Calmer in an Environmentally Friendly Office Space

June 7, 2023
Blue Logo OUTPOST24

Outpost24 Acquires EASM Provider Sweepatic

June 7, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information