![]() ![]() There is no evidence at this stage the attackers have any interest in gaining access to the network or delivering ransomware. Alternatively, the attackers look to identify someone on the original victims contacts list that deals with finances to further spread the malicious links in the hope of getting a foothold in that area. The goal appears to be to either intercept an ongoing conversation and convince the users that there has been an issue at one of the recipients ends, or the payment chain and bank details need to be updated. ![]() Once the attackers have gained control of an Office 365 account, current observations suggest that they then actively search through the victims e-mails looking for any conversations in regards to finance and payments. If this was legitimate it would more likely say that the data would go to Microsoft.Ī further indicator is that the Password entry box is plain text.Īs you’ll no doubt be aware password boxes normally replace the text as you write, such as the example we’ve shown.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |