Office 365 phishing abuses Google Ads to bypass email filters

From bleepingcomputer.com

Office 365 phishing abuses Google Ads to bypass email filters

An Office 365 phishing campaign abused Google Ads to bypass secure email gateways (SEGs), redirecting employees of targeted organizations to phishing landing pages and stealing their Microsoft credentials.

The attackers behind these attacks took advantage of the fact that the domains used by Google’s Ads platform are overlooked by SEGs, which allows them to deliver their phishing messages to their targets’ inboxes bypassing email filters.

Read more…