Quote:A phishing campaign bent on stealing Microsoft login credentials is using Google Firebase to bypass email security measures in Microsoft Office 365, researchers said.
Researchers at Armorblox uncovered invoice-themed emails sent to at least 20,000 mailboxes that purport to share information about an electronic funds transfer (EFT) payment. The emails carry a fairly vanilla subject line, “TRANSFER OF PAYMENT NOTICE FOR INVOICE,” and contain a link to download an “invoice” from the cloud.
Clicking that link begins a series of redirects that eventually takes targets to a page with Microsoft Office branding that’s hosted on Google Firebase. That page is of course a phishing page, bent on harvesting Microsoft log-in information, secondary email addresses and phone numbers.
The attackers could use the information to take over accounts and steal information, but they could wreak other havoc as well.
“Since all workplace accounts are so closely interlinked, sharing credentials to one of your accounts can prove to be very dangerous as cybercriminals send emails in your name to trick your customers, partners, acquaintances and family members,” according to Armorblox.
Read more: https://threatpost.com/microsoft-office-...se/163666/
![[-]](https://www.geeks.fyi/images/collapse.png)
