New phishing scam targets Microsoft user login details
- 09 January, 2018 09:56
A new zero-day phishing scam using the name of commercial real estate firm CBRE, has emerged on 8 January.
The messages contained a link purporting to be a scanned PDF document from a Xerox multifunction printer. In one instance, the email was sent from temp2 @htran.com.au email address.
According to email filtering company, MailGuard, who detected the phishing scam, the link leads to a website designed to harvest recipients' Microsoft login details.
"MailGuard has successfully blocked the email sender domains associated with this scam," the company wrote in a blog post, suggesting more than one domain was used in this attack.
This was one of three scams MailGuard detected on 8 January.
A fake Suncorp email was picked up by the email filtering company and was being sent out in "large numbers".
The messages had SunCorp Insurance or Health Insurance as the sender, however the emails were coming from a compromised MailChimp account.
Last year, a phishing scam impersonating Microsoft Office 365 hit Australian inboxes, impacting local organisations across the country.
The fake email, which began landing on 30 November 2017, was a simple HTML message telling recipients they needed to upgrade their accounts as they have gone over their quota.
The sender details picked up in the Microsoft messages contained a display address of theresa(at)vistamfg(dot)com and a sending address of t.beasley(at)vistamfg(dot)com.