Office 365 Users: Beware of Phishing Emails Pointing to Office Sway

12/01/2020

שימו לב

הפישינג המתואר כאן עובר דרך מנגנוני ההגנה מכיוון שנשלח ממיקרוסופט

יש להיזהר ולהזהיר משתמשים מלגשת לקישורים המתחזים לאישורים לקבלת פקס

במקרים של ספק להיעזר בכם או בי.

Title: Office 365 Users: Beware of Phishing Emails Pointing to Office Sway

ttps://www.helpnetsecurity.com/2020/01/10/phishing-office-sway/ 

Excerpt:  “One of phishers’ preferred methods for fooling both targets and email filters is to use legitimate services to host phishing pages. The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that’s part of Microsoft Office.  The email. The email that tries to trick recipients into visiting the phishing page isn’t stopped by Microsoft’s filters, likely because: It was sent from an onmicrosoft.com email address, Includes links in the email that point to sway.office.com and other trusted sites (e.g., LinkedIn). It pretends to be a fax receipt notice, shows a small image of the supposedly received fax, and asks the user to open the attachment to view it.”