Cyber-attacks launched against Outlook Web App users

An attack campaign using advanced cyber-espionage techniques launched against Office 365’s Outlook Web App users in an attempt to steal email log-in credentials from the employees of military agencies, embassies, defense contractors and international media outlets.

The group behind the attack used an interesting technique against organizations using OWA; for each attack they used JavaScript code to make it appear that the victims OWA sessions ended while at the same time, tricking them into re-entering their log-in credentials by redirecting victims to fake OWA log-in pages.

 

Further reading material can be found at PC World

October 24, 2014 | Topics: Blog, OWA Security

Recent Posts

A World Leader in Microsoft Exchange Security

Join 30,000+ people that receive news, Messageware's security advice and tips