An ongoing phishing operation that stole around 400,000 OWA and Office 365 credentials since December has now expanded to exploit new legitimate services in order to bypass secure email gateways (SEGs).
The attacks are part of several phishing campaigns collectively named as “Compact” Campaign. It has been active since early 2020 and was first detected by the WMC Global Threat Intelligence Team.
As per Microsoft’s security experts, “Phishers continue to find success in using compromised accounts on email marketing services to send malicious emails from legitimate IP ranges and domains. They take advantage of configuration settings that ensure delivery of emails even when the email solution detects phishing.”
According to WMC Global, Threat actors responsible for these phishing campaigns have stolen more than 400,000 Outlook Web Access and Office 365 credentials since December.
To Read More: Bleepingcomputer