Microsoft, FedEx, and other brands were impersonated in separate phishing campaigns between mid-May and late July that exploited open redirect vulnerabilities on Snapchat and American Express domains to exfiltrate credentials and personally identifiable information, reports Threatpost.
Attackers exploiting the snapchat[.]com open redirect flaw sent 6,812 phishing emails, while those leveraging the americanexpress[.]com vulnerability delivered 2,029 phishing messages, according to a report from INKY. Both campaigns used social engineering techniques and relied on exploits that inserted PII into URLs that appear legitimate.
"This insertion was disguised by converting it to Base 64 to make it look like a bunch of random characters. We inserted our own random characters into these strings so that the casual observer would not be able to reverse engineer the PII strings," wrote INKY researcher Roger Kay.
Moreover, both campaigns led to Microsoft credential harvesting sites. American Express has already addressed the flaw, but Snapchat has not, researchers said.
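For mail-filter or triage use, the two traits described above (a link on a familiar host that forwards to another site, and a Base64 string that hides an email address) can be checked mechanically. The sketch below is an added example, not code from INKY, Threatpost, or either affected company; the hosts and the parameter name `next` are constructed placeholders, since the report summary does not give the real parameter names or where in the URL the PII sat.

```python
import base64
import re
from urllib.parse import parse_qsl, urlsplit

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+", re.ASCII)
B64_RE = re.compile(r"[A-Za-z0-9+/_-]{12,}")  # candidate Base64 / Base64url runs


def http_host(value):
    """Hostname of an absolute http(s) URL, or None for anything else."""
    parts = urlsplit(value.strip())
    ok = parts.scheme in ("http", "https") and parts.hostname
    return parts.hostname.lower() if ok else None


def same_site(a, b):
    """Crude: same host or parent/subdomain. Sibling subdomains need the Public Suffix List."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def decoded_emails(text):
    """Base64 runs in text that decode to something shaped like an email address."""
    hits = []
    for token in B64_RE.findall(text):
        try:
            plain = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4)).decode()
        except ValueError:  # bad length or not UTF-8: not an encoded address
            continue
        if EMAIL_RE.fullmatch(plain):
            hits.append(plain)
    return hits


def inspect_link(url):
    """List query parameters that carry an absolute URL on a different site."""
    outer = urlsplit(url)
    visible = (outer.hostname or "").lower()
    findings = []
    for name, value in parse_qsl(outer.query):
        target = http_host(value)
        if target and not same_site(target, visible):
            # The encoded address may sit in the target itself or in the outer fragment.
            emails = decoded_emails(value + " " + outer.fragment)
            findings.append({"param": name, "target_host": target, "emails": emails})
    return findings


# Constructed sample: placeholder hosts, hypothetical parameter name "next".
TOKEN = base64.b64encode(b"user@corp.example").decode()
SAMPLE = "https://www.trusted.example/out?next=https://login.lookalike.example/auth#" + TOKEN
```

`inspect_link(SAMPLE)` returns one finding naming the off-site target and the decoded address; a link whose parameter points back to the same site returns an empty list.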