This article discusses a recent phishing campaign targeting employees during tax season, aimed at collecting Microsoft login credentials by disguising emails as tax return notifications. Cybercriminals exploit the urgency associated with tax filing to deceive recipients into providing their sensitive information. Awareness and vigilance are crucial for protecting against such threats. Affected: individuals, employees, companies
Keypoints :
- The tax season sees a rise in phishing attempts targeting personal tax information.
- Cybercriminals use spoofed emails and create a sense of urgency to trick employees.
- Phishing emails appear to come from legitimate sources, like “Strategic Tax Planning.”
- Recipients are redirected through fake pages to enter their credentials, enhancing the illusion of safety.
- Phishing pages ultimately redirect users to fraudulent Microsoft login pages.
- Vigilance and awareness are essential to combat phishing threats during tax season.
- Solutions, such as Cofense Managed Phishing Threat Detection and Response, can help safeguard against these attacks.
MITRE Techniques :
- Phishing (T1566): Cyber actors use emails mimicking tax notifications to deceive employees into providing their credentials.
- Credential Dumping (T1003): Actors collect credentials by redirecting users to fake Microsoft login pages after email interactions.
Indicator of Compromise :
- [URL] hXXps://us[.]content[.]exclaimer[.]net/?url=…
- [URL] hXXps://tyw55uhbb[.]cc[.]rs6[.]net/tn[.]jsp?f=…
- [URL] hXXps://t0[.]dianausil[.]com/IDLK/#
- [URL] hXXps://bionicsremedies[.]in/new/index[.]html
- [IPv4] 104.21.23.248
Full Story: https://cofense.com/blog/hook-line-tax-sink
Views: 34