Microsoft 365 phishing attacks use encrypted RPMSG messages


Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways.

RPMSG files (also known as restricted permission message files) are encrypted email message attachments created using Microsoft’s Rights Management Services (RMS) and offer an extra layer of protection to sensitive info by restricting access to authorized recipients.

Read more…