DemoBlade

Bleeping computer logo

News

Tech republic logo

As more people are working remotely due to the coronavirus, cloud services have seen a surge in demand. But as this trend has unfolded, cybercriminals have found a ripe target to exploit. A blog post published Wednesday by security provider Abnormal Security describes how phishing attacks are taking advantage of Amazon Web Services to steal user credentials.

Phishing attack impersonates Amazon Web Services to steal user credentials

In a blog post published Friday, Abnormal Security explained how this latest campaign works. The initial phishing email claims to be sent by the WHO with a sender's address of support@who.international. Displaying the WHO's familiar logo, the email states that the World Health Organization has sent you a message, inviting you to click a link for Open Message. The URL for this link is hidden behind the text, so users can't clearly see it.

Phishing attack spoofs World Health Organization to steal email credentials

Threat post logo

Business email compromise (BEC) attacks represent a small percentage of email attacks, but disproportionately represent the greatest financial risk. The traditional image of a successful email attack is that of a naive employee clicking the link in a crudely crafted spam email bent on phishing. But times have changed, and employees are much more security-educated than they used to be. .

Understanding the Payload-Less Email Attacks Evading Your Security Team

Cybercriminals have been keen to exploit COVID-19 to create coronavirus-related malicious apps, phony websites, and phishing emails. As the pandemic has triggered a huge shift toward remote working, so, too, have criminals been trying to target business employees working at home. In a blog post published Wednesday, Abnormal Security describes a new phishing campaign that exploits the need for VPNs.

Phishing attack impersonates IT staff to target VPN users

Homepage

Breadcrumbs

Abnormal Security provides advanced email security to prevent credential phishing, business email compromise, account takeover, and more.

Abnormal Security

Microsoft Office 365 customers are targeted by a phishing campaign using bait messages camouflaged as notifications sent by their organization to update the VPN configuration they use to access company assets while working from home.

Office 365 phishing baits remote workers with fake VPN configs

Microsoft Office 365 customers are targeted by a phishing campaign using bait messages camouflaged as notifications sent by their organization to update…

description

customers, targeted, phishing, campaign, using, bait, messages, camouflaged, notifications, sent, organization, update, configuration, access, company

keywords

https://optimise2.assets-servd.host/gifted-zorilla/production/images/press/bleeping-computer-logo.png?w=1200&h=630&q=82&auto=format&fit=crop&dm=1632180661&s=c2e133d05d0a01f8d70148c954914411

https://abnormalsecurity.com/about/news/office-365-phishing-baits-remote-workers-with-fake-vpn-configs

referrer

robots

twitter:card

twitter:creator

twitter:description

https://optimise2.assets-servd.host/gifted-zorilla/production/images/press/bleeping-computer-logo.png?w=800&h=418&q=82&auto=format&fit=crop&dm=1632180661&s=883b6e195383bd71042392856057ceca

twitter:image

twitter:image:alt

twitter:image:height

twitter:image:width

twitter:site

twitter:title

{"title":{"title":"Office 365 phishing baits remote workers with fake VPN… | Abnormal"}}

Schedule a Demo

Preventing Criminals From Using AI for Cybersecurity Attacks

CNBC Disruptor 50: Abnormal Security

Generative AI Could Revolutionize Email—for Hackers

Ones to Watch in Tech

Email Subscribe

<p>Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.</p>

Newsroom

Announcing a New Abnormal Podcast! | Listen to SOC Unlocked Podcast

<p>Announcing a New Abnormal Podcast!</p>

vs Mimecast

vs Avanan

Secondary CTA

Whether FormComplete is utilized on a form

FormComplete

CTA Display

What text is displayed on the primary CTA (see sheet for details on copy)

Primary CTA Text

Form Columns

chakra-ui-ChakraProvider

Button

Footer

FramerWrapper

Container

Screen

PrimaryCtaText

FormColumns

CtaDisplay

VsMimecast

SecondaryCta

VsAvanan

Abnormal Solutions

react-awesome-reveal

lottie-react

plasmic-nav

react-scroll-parallax-global

plasmic-embed-css

Abnormal Pages

loading-boundary

plasmic-query

plasmic-basic-components

Abnormal Legal

Abnormal Why Abnormal

Abnormal Landing Pages

plasmic-rich-components

Abnormal Partners

Abnormal Products

Abnormal Design System

Abnormal Marketing

antd5 hostless

react-slick

react-quill

B MKT515p New AI Human Behavior Platform Whitepaper

White Papers

Discover how Abnormal's AI-powered solution protects organizations from their biggest risk—humans.

How to Protect Against the Human Vulnerability: Using AI to Prevent Novel Socially-Engineered Attacks

Abnormal Platform

B SOC Unlocked Mick Douglas

Podcasts

Unnamed

Mick Douglas

MICK HEADSHOT

Mick Leach

Tune in as host and SOC expert Mick Leach chats with Mick Douglas,  Managing Partner of InfoSec Innovations about a range of topics including the current state of security operations, the role of automation and AI in the field, and the importance of using security tools effectively.

Automation, AI, and Bridging the Cybersecurity Talent Gap with Mick Douglas

B SANS Report

Analyst Research

Learn how modern SOC teams address evolving threats, challenges, and technology integrations.

SANS 2024 SOC Survey: Facing Top Challenges in Security Operations

B Attack Quiz

Tools

Test your ability to distinguish malicious emails from safe ones in this interactive quiz.

Quiz: Attack or Not?

Office 365 phishing baits remote workers with fake VPN configs

Get AI Protection for Your Human Interactions