Browsing CategoryPhishing

Image Inversion Technique

A creative Office 365 phishing campaign was discovered by WMC Global Analysis researchers that a legitimate login page of a Microsoft Account, but uses color inversion to avoid matching patterns from image recognition software, according to Kim Komando. “As image recognition software is improving and becoming more accurate, this new technique aims to mislead scanning engines […]

The post Attackers Using Image Inversion Technique to Bypass Office 365 Filtering Mechanism appeared first on GBHackers On Security.

A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. The recent campaigns target senior positions in the United States and Canada.

The fraudsters, whom we named “Water Nue,” primarily target accounts of financial executives to obtain credentials for further financial fraud. The phishing emails redirect users to fake Office 365 login pages. Once the credentials are obtained and accounts are successfully compromised, emails containing invoice documents with tampered banking information are sent to subordinates in an attempt to siphon money through fund transfer requests.

The post Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts appeared first on .