A brand-new approach to harvesting credentials hinges on users’ lack of cloud savvy.
A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy.
Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, video or text. The storage can be accessed using both HTTP and HTTPS connections, and when using HTTPS, a signed SSL certificate from Microsoft will be displayed.
According to Netskope, a recent phishing attack saw attackers sending spam with PDF attachments, which were disguised as documents of a law firm in Denver.