Accounts of hundreds of Microsoft Office and Azure user accounts — including those of senior executives — have been compromised recently in ongoing targeted phishing attacks, say researchers at Proofpoint. «As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents,» the warning says. For example,
Accounts of hundreds of Microsoft Office and Azure user accounts — including those of senior executives — have been compromised recently in ongoing targeted phishing attacks, say researchers at Proofpoint.
“As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents,” the warning says. For example, some weaponized documents include embedded links to “View document” which, in turn, redirect users to a malicious phishing webpage upon clicking the URL.
“Threat actors seemingly direct their focus toward a wide range of individuals holding diverse titles across different organizations, impacting hundreds of users globally,” Proofpoint says.