Credential Theft

Office365

6287ef1f6e11f6ce9ca06f19 1597347765

6287ef1f6e11f67ccea06f13 2023185736

6287ef1f6e11f6d8ada06f18 506770175

Hijacked Email Thread

Content Obfuscation via Image

External Compromised Account

Password Expiration

Credential Phishing

Link-based

(no text content - anchor image only)

Vendor Impersonation Payment Inquiry Account Update BEC Attack

Employee Impersonation Payment Fraud BEC Attack

Vendor Impersonation Overdue Payment BEC Attack

Evernote Fake Document Credential Phishing Attack

Homepage

The Abnormal Attack Vault

Office365 Password Expiration Credential Phishing Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/office365-password-expiration-credential-phishing-attack-6659361302115608603

referrer

robots

{"title":{"title":"Abnormal Intelligence | Office365 Password Expiration Credential…"}}

This link-based attack impersonates Office365 using a hijacked email thread, a content obfuscation via image, an external compromised account, and a password expiration theme to steal credentials.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Office365 Password Expiration Credential Phishing Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Theme

Impersonated Brands