New Microsoft Outlook Phishing Scheme Allows Hackers to Pretend to be Your Boss

A new phishing scam targeting Microsoft Outlook takes advantage of a weakness that allows hackers to send faked emails pretending to be your boss.

The New Phishing Scheme in Microsoft Outlook

According to a Tech Radar article, hackers are now attempting to target employees of a company by claiming to be their supervisor and sending urgent emails.

Researchers from the cybersecurity firm Avanan found the new phishing scam on Microsoft Outlook.

The researchers discovered that the attackers went above and beyond by employing social engineering techniques to carry out the attack.

This time, hackers are using vulnerabilities in Microsoft’s productivity products, notably its email service, to successfully disguise their faked emails as legitimate ones.

To be more specific, the criminal geniuses are tricking Outlook into sending their fraudulent emails with real Active Directory data, making it appear as if they were sent from their boss’s email.

Vulnerabilities in Microsoft Outlook

According to Dark Reading’s news piece, the attackers are using a private server to deliver domain impersonation emails to their targets.

The hackers may use the private server to send bogus emails to the sender, making it appear as though the email was not faked.

According to cybersecurity specialist Jeremy Fuchs, impersonation emails do sneak past Outlook’s security measures in some cases. As a result, Microsoft’s email service would display the bogus messages as if they were sent by a legitimate sender.

Furthermore, Microsoft Outlook will assist attackers in delivering these spoofed emails by incorporating legitimate Active Directory data, such as phone numbers, email addresses, and even previously shared files and photos.

According to Fuchs, “it’s easy for [hackers] to pretend it’s coming from the correct email address even if it isn’t.”

This happens because the attackers dupe Outlook into believing that the faked email is legitimate. As a result, the email appears more real, because it is accompanied by comprehensive user information from the impersonated person.

Outlook also fails to use email authentication methods such as DKIM and SPF, which should have blocked these types of attacks, according to the researchers. As a result, hackers are able to send spoofed emails to their targets’ inboxes.
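The SPF and DKIM results mentioned above can be checked on the defender's side before a message reaches the inbox. The following Python sketch is an added example, not code from Avanan or Microsoft; it assumes the organisation's domain is `example.com` and that its own mail gateway stamps an `Authentication-Results` header with the identifier `mx.example.com`.

```python
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.com"}   # assumption: the organisation's own domains
TRUSTED_AUTHSERV = "mx.example.com"  # assumption: id stamped by our own gateway

# Constructed sample messages (not taken from the article).
SPOOFED = """\
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "Your Boss" <boss@example.com>
Subject: Urgent request

Please handle this today.
"""
LEGIT = """\
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com
From: "Your Boss" <boss@example.com>
Subject: Weekly sync

Agenda attached.
"""

def passed_methods(msg):
    """Return the set of methods (spf, dkim) that passed per our own gateway."""
    passed = set()
    for header in msg.get_all("Authentication-Results", []):
        authserv = header.split(";", 1)[0].split()
        if not authserv or authserv[0].lower() != TRUSTED_AUTHSERV:
            continue  # a header stamped by anyone else could be forged by the sender
        for method, result in re.findall(r"\b(spf|dkim)=(\w+)", header, re.I):
            if result.lower() == "pass":
                passed.add(method.lower())
    return passed

def is_internal_impersonation(raw):
    """True when From claims an internal domain but neither SPF nor DKIM passed."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if domain not in INTERNAL_DOMAINS:
        return False  # external senders are out of scope for this check
    return not passed_methods(msg)

if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("LEGIT", LEGIT)):
        print(name, "flagged" if is_internal_impersonation(raw) else "ok")
```

The check does not verify that the passing SPF or DKIM domain aligns with the From domain; a DMARC result from the gateway covers that case.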

Email impersonation

Avanan researchers also discovered further concerning evidence about the growth of impersonation emails.

According to the firm’s cybersecurity report, 77 percent of the targets are non-executives of firms. On the other hand, approximately 51 percent of the impersonated accounts are also non-executives.
