Elizabeth Montalbano reports:
Attackers have unleashed an EvilProxy phishing campaign to target thousands of Microsoft 365 user accounts worldwide, sending a flood of 120,000 phishing emails to more than 100 organizations across the globe in the three-month period between March and June alone. The goal? To take over C-suite and other executive accounts, in order to mount further attacks deeper within the enterprise.
The ongoing campaign uses a combination of phishing tactics — including brand impersonation, scan blocking, and a multi-step infection chain — to successfully take over cloud accounts of top-level executives, researchers from Proofpoint revealed.
Read more at DarkReading.