Cybercriminals Use Enterprise Cloud to Create Phishing Hooks
A recent phishing campaign has been spotted that uses a trio of enterprise cloud services to steal your credentials.
What’s going on?
This phishing campaign pretends to be from a helpdesk – servicedesk[.]com – mimicking similar wordings used by real IT helpdesks. Attackers used well-known enterprise cloud services including Microsoft Dynamics, Microsoft Azure, and IBM Cloud, to host their phishing pages. This added legitimacy to their campaign and also helped them bypass security filters that trust domains associated with such legitimate enterprise services.