Microsoft Office 365 AitM phishing reveals signs of much larger BEC campaign

Researchers investigating an Office 365 account compromise resulting from an adversary-in-the-middle (AitM) phishing attack found evidence of a much larger global attack campaign that spans the past year and is possibly tied to an infostealer malware called FormBook. “In the past few years, Sygnia’s IR teams have engaged in numerous incidents in which world-wide organizations were targeted by BEC attacks,” researchers from cybersecurity firm Sygnia said in their report. “While some of these attacks were focal and concentrated, some were widely spread and affected a massive number of cross-sectors victims.”

To read this article in full, please click here