attackers steal data using “native” notifications

0
649

Thus, cybercriminals can steal logins and passwords for various mail accounts.

Kaspersky Lab has discovered a new phishing scheme using legitimate SharePoint servers from real companies. With this scheme, attackers can use other people’s SharePoint servers to send dangerous alerts, bypassing spam filters.

Dangerous SharePoint
Dangerous SharePoint

According to experts, cybercriminals not only hide the phishing link on the SharePoint server, but also distribute it using their native mechanism for sending notifications. 

attackers steal data using “native” notifications

If the recipient clicks on the link, they are taken to the actual SharePoint server, where the claimed OneNote file opens. The file contains a large PDF file icon, which can easily be mistaken for another step to download the data and click on the phishing link.

Dangerous SharePoint
Dangerous SharePoint

Thus, cybercriminals can steal logins and passwords for various email accounts, including Yahoo!, AOL, Outlook, Office 365. The scheme is aimed at employees of companies around the world, including in Russia. In total, over the past winter, experts have identified more than 1,600 such letters.

Also Read:  Google Chrome will block page loading over HTTP