evilproxy
-
Severity High Analysis Summary A newly discovered phishing campaign has set its sights on the Microsoft 365 accounts of important executives within U.S.-centered organizations. This malicious campaign abuses open redirects originating from the Indeed employment website, which is typically used for job listings. This campaign is facilitated by the use of the EvilProxy phishing service,…
-
Microsoft, the Dark Web and the name John Malkovich all factor into this EvilProxy phishing attack. The good news is there are steps IT can take to mitigate this security threat.
-
Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing.
-
Recent research exposed a phishing campaign targeting top U.S. executives’ Microsoft 365 accounts, exploiting open redirects on Indeed’s job website.
-
C-level staff working across a range of industries were lured to phishing sites via redirect links purportedly from the popular Indeed job-search site.
-
Executive Summary Menlo Labs recently identified a phishing campaign targeting executives in senior level roles across various industries, but primarily Banking and Financial services, Insurance providers, Property Management and Real Estate, and Manufacturing.
-
An escalating threat, named EvilProxy, combines advanced Adversary-in-the-Middle (AitM) phishing with sophisticated Account Takeover (ATO) methods to efficiently nab credentials protected with multi-factor authentication (MFA) and session cookies.
-
Threat actors are using the EvilProxy phishing platform to get around multi-factor authentication (MFA) protections in the Microsoft 365 accounts of high-level corporate executives in a sprawling campaign that highlights the growing popularity among cybercriminals of advanced phishing-as-a-service (PhaaS) kits.