Photo: Eric Risberg / AP
The company’s specialists CheckPoint, specializing in cyber security, uncovered a scheme to steal data using Microsoft Office 365. It is reported in arrived in edition “Tapes.ru” the press release, the crooks broke into the mail server of the University of Oxford to send malicious emails to victims.
CheckPoint experts have studied a few similar letters. The fraudsters sent e-mails from addresses that belonged to these subdomains of the University of Oxford. So hackers have managed to bypass the reputation check required security measures for the domain of the sender.
The letters stated that to listen to voice messages from Microsoft you need to click on the link. After that, users were on a phishing page disguised as a log-in page to Office 365. The resource located at the server Adobe that in 2018, used by Samsung.
“This allowed hackers to create the appearance of legitimate domain of Samsung, which increased the confidence of victims,” — said in a release. Using a specific link format and a legitimate domain, the attackers increased the chances that their attack will be successful.
“Using well-known and reputable brands to bypass security products on the way to the victims. Now it is the best way to gain a foothold in the corporate network,” said Lotem Finkelstein, a leading expert on the analysis of threats to Check Point. He noted that this allows the crooks to receive “unlimited access to all operations of the company: transactions, financial reports, sending emails within the company from a trusted source, passwords, and even addresses cloud assets of the company.”
Video, photo All from Russia.