Cofense has come across a particularly seductive phishing scam that uses the lure of a wage increase to entice workers to spill their Microsoft Office 365 credentials.
The spoofed email differs little from other varieties used in phishing attacks, except this one purportedly comes from a corporate human resources department regarding a company-wide pay hike to which the intended victim is entitled, wrote Milo Salvia, of the Cofense Phishing Defense Center.
“It is not uncommon, of course, for companies to increase salaries throughout the year. As a result, it wouldn’t be uncommon for an email like this to appear in an employee’s mailbox. Human curiosity compels users to click the embedded link,” he wrote.
The primary sleight of hand is convincing recipients that they are being linked to a SharePoint document when in fact they are being redirected to an external URL. Once on the malicious website, the target is presented with a fake Office 365 login page. Here the person's email address is pinned to the username area, so only the password needs to be entered. This mimics many auto-populate templates.
At this point the attacker has accomplished his goal and now has access to that company’s Office 365 account.
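As an added illustration (not code from Cofense or the original report), the sketch below shows how a mail filter could flag the mismatch described above: link text that claims SharePoint while the href points to another host. The trusted suffix list, the sample message and the check for the recipient's address inside the URL are assumptions; the report does not say how the username field is pre-filled.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

# Assumption: host suffixes the organisation really uses for SharePoint.
TRUSTED_SUFFIXES = ("sharepoint.com",)

# Constructed sample body; hosts and addresses are placeholders.
SAMPLE = """<p>HR has approved your salary increase. Open the
<a href="https://hr-docs.example.net/login?user=jane.doe%40example.com">
Salary increase sheet (SharePoint)</a> or read the
<a href="https://contoso.sharepoint.com/sites/hr/policy.docx">HR policy on SharePoint</a>.</p>"""

class _LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = " ".join("".join(self._text).split())
            self.links.append((self._href, text))
            self._href = None

def _trusted(host):
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def suspicious_links(html_body, recipient):
    """Return [(href, [reasons])] for links matching the lure's pattern."""
    collector = _LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        host = urlsplit(href).hostname
        reasons = []
        if "sharepoint" in text.lower() and not _trusted(host):
            reasons.append("text claims SharePoint, target host is not")
        # Assumed heuristic: the address may travel in the URL to pre-fill the form.
        if recipient and recipient.lower() in unquote(href).lower():
            reasons.append("recipient address embedded in URL")
        if reasons:
            findings.append((href, reasons))
    return findings
```

Gateways that rewrite URLs change the href host, so run the check on the original link or add the rewriter's host to the trusted list.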