Security researchers observed that malicious actors had incorporated a targeted company’s homepage into a message quarantine phishing campaign.
The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company’s IT department.
The email informed the recipient that the company’s email security service had quarantined three messages, which included two pieces of correspondence deemed “valid” by that service.
It then informed the recipient that the email security service would delete those messages within three days unless they reviewed those emails by clicking on an embedded “Review Messages Now >>” lin