Check Point has discovered a sophisticated campaign of phishing attacks incorporating household names to gain a foothold on corporate networks and harvest login credentials stored on Microsoft Office 365 accounts.
Cyber criminals hijacked an Oxford University email server to bombard targets with malicious emails, which contained links redirecting to a now-redundant Adobe server used by Samsung for the 2018 Cyber Monday sales event – this let the group behind the campaign leverage the façade of a legitimate Samsung domain to trick victims into sharing their Office 365 logins.
