Wednesday, July 8, 2020

O365 users targeted in SurveyMonkey phishing attack


Don Sharpe

  • Phishing attacks are on the rise, with Office 365 users being targeted multiple times.
  • Recently, Abnormal Security uncovered a phishing campaign disguised as a MonkeySurvey.com survey and aimed at stealing Office 365 user passwords and usernames.
  • Head on over to the Anti-phishing Software section to stay up-to-date on emerging threats and their practical solutions. 
  • For more cybersecurity news and tips, check out the Security & Privacy page to learn more.
SurveyMonkey email phishing

As phishing attacks continue to increase, it’s such a bad time for a Windows 10 user not to have an effective antimalware solution installed on their PC.

Worse still, spear phishing is the name of the game these days, in which case, the recipient of the malicious email or link is always a well-researched individual. It’s partly why such attacks are very difficult to stop.

Threat actors have targeted Office 365 users in these types of cybercrime multiple times before, and they continue to do so to date. Unsurprisingly, some of the latest victims/targets are employees participating in a fake SurveyMonkey survey.

SurveyMonkey phishing attack

The folks at Abnormal Security recently uncovered attempts to steal O365 user credentials on the pretext of conducting surveys among employees.

In the campaign, the victim receives an email from a genuine SurveyMonkey site. But the message contains a hidden link, which upon clicking, redirects the victim to a Microsoft form submission page.

The user has to submit their O365 email and password to proceed. This way, the malicious actors steal the unsuspecting user’s Microsoft account security credentials.

The email is sent from a real SurveyMonkey domain (surveymonkeyuser.com), but with a different reply-to domain. That reply-to domain was registered only 1 month ago. The email simulates an automated notification with a link to open the “survey”. This link is an actual SurveyMonkey link that redirects to the main phishing page.

It appears that these spear phishing attacks have a high probability of success due to various factors, including the use of a trusted domain. Likewise, concealing the redirect link makes it a little difficult for the target to suspect anything.

Abnormal Security points out that up to 50,000 mailboxes may have received the SurveyMonkey phishing link.

What’s your take on the state of cybersecurity against the backdrop of rising cases of Office 365-related phishing attacks? Feel free to let us know via the comments section below.


and

If you are looking for a cheap and genuine microsoft product key, warranty for 1 year.
It will be available at the link: https://officerambo.com/shop/
Microsoft Windows Embedded 8.1 Industry Pro : https://officerambo.com/product/windows-embedded-8-1/
Key Windows 7 Professional / Home Base / Home Premium (2 USER) : https://officerambo.com/product/key-windows-7/
Microsoft Windows 8.1 PRO (2 PC) : https://officerambo.com/product/microsoft-windows-8-1-pro/
Windows Server 2012 R2 : https://officerambo.com/product/windows-server-2012-r2/
Visual Studio Enterprise 2019 : https://officerambo.com/product/visual-studio-enterprise-2019/
Windows Server Standard / Datacenter / Essentials : https://officerambo.com/product/windows-server-all-version-standard-datacenter-essentials/
Microsoft Office Professional Plus for Windows : https://officerambo.com/product/microsoft-office-professional-plus-for-windows/
Microsoft Office Home and Student for Windows : https://officerambo.com/product/microsoft-office-home-and-student/
Key Microsoft Access 2016 : https://officerambo.com/product/key-microsoft-access-2016/
Microsoft Visio Professional : https://officerambo.com/product/microsoft-visio-professional/
Microsoft Project Professional : https://officerambo.com/product/microsoft-project-professional/
Account Microsoft Office 365 Profestional Plus 2020 Update For 5 Devices : https://officerambo.com/product/account-microsoft-office-365/
Key Microsoft Windows 10 Profestional / Profestional N : https://officerambo.com/product/key-microsoft-windows-10/
Key Microsoft Windows XP Pro : https://officerambo.com/product/key-microsoft-windows-xp-pro/
Microsoft Office Home and Business for Mac : https://officerambo.com/product/microsoft-office-home-and-business-for-mac/

No comments:

Post a Comment