A spearphishing attack is spoofing Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers.
Researchers at Ironscales discovered the campaign targeting several thousand mailboxes at nearly 100 of the email security firm’s customers, Lomy Ovadia, Ironscales vice president of research and development, said in a report posted online Monday. Other industries being targeted including telecom and insurance companies, he said.
The attack is particularly deceiving because it deploys an exact domain spoofing technique, “which occurs when an email is sent from a fraudulent domain that is an exact match to the spoofed brand’s domain,” Ovadia wrote. This means even savvy users who check sender addresses to ensure an email is legitimate might be fooled, he said.