Date: 2020-07-14

The online polling service SurveyMonkey was used as a disguise. Researchers at Abnormal Security recently discovered attempts to steal Office 365 user credentials using SurveyMonkey as cover.

The victim receives an email from a SurveyMonkey site, saying it is currently surveying company employees. However, the message contains a hidden redirect link that appears as the text “Navigate to access statement” with the brief message “Please don’t forward this email as its poll link is unique to you.”

SurveyMonkey phishing

When clicked, however, this link redirects the victim away from SurveyMonkey to a Microsoft form submission page, which tells the user to submit their Office 365 email and password to proceed. Doing so enables criminals to steal the user’s Microsoft account credentials.

Abnormal Security notes that this attack may be effective because it uses a real SurveyMonkey link to hide its true aim. The email messages carrying the link also use SurveyMonkey phrasing and content.

This is easy to miss at first glance, and victims are easily tricked because the phishing URL is not visible within the body text.
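The traits described above (a link on the survey service, link text that hides the URL, and a landing page on another host asking for a password) can be checked together. The following is an added example, not code from Abnormal Security; the domains, the sample e-mail, and the `resolved` map (redirect results recorded by a hypothetical sandboxed link follower) are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML e-mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def on_site(url, domain):
    host = host_of(url)
    return host == domain or host.endswith("." + domain)

PASSWORD_INPUT = re.compile(r"<input[^>]*type\s*=\s*[\"']?password", re.I)

def review_links(body_html, survey_domain, resolved):
    """resolved maps href -> (final_url, landing_html), as recorded by a
    sandboxed link follower (hypothetical input; nothing is fetched here)."""
    parser = AnchorCollector()
    parser.feed(body_html)
    findings = []
    for href, text in parser.links:
        final_url, landing = resolved.get(href, (href, ""))
        leaves = on_site(href, survey_domain) and not on_site(final_url, survey_domain)
        if leaves and PASSWORD_INPUT.search(landing):
            findings.append({"href": href, "final_host": host_of(final_url),
                             "url_hidden": not re.search(r"https?://|www\.", text, re.I)})
    return findings

# Constructed sample data: example domains, not real indicators.
SAMPLE_BODY = ('<a href="https://surveys.example.com/r/ABC123">Navigate to access statement</a>'
               ' <a href="https://surveys.example.com/help">https://surveys.example.com/help</a>')
SAMPLE_RESOLVED = {"https://surveys.example.com/r/ABC123":
    ("https://forms.example.net/login", '<form><input type="email"><input type="password"></form>')}
```

A link is reported only when it starts on the survey domain, ends on a different host, and the landing page contains a password field; `url_hidden` records whether the link text concealed the destination.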

“Phishing is one of the most successful and long-standing cybercriminal tactics. The constant evolution of the methodology, as observed in such attacks, goes some way to understanding why,” noted Niamh Muldoon, senior director of trust and security at OneLogin.

“As phishing attacks become increasingly common and increasingly complex — often tailored to a targeted team within an organization — companies and consumers cannot rely on protecting against 100 percent of attacks. Implementing Multi-Factor Authentication (MFA) supports user awareness and conscious behavior regarding phishing threats and a related chance of clicking on questionable links.”