From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud | allinfosecnews.com

July 12, 2022, 4 p.m. | Paul Oliveria

Microsoft Security Blog www.microsoft.com

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog.

aitm phishing attackers bec business email compromise (bec) cookie cookie theft cybersecurity entry financial financial fraud fraud microsoft security intelligence phishing theft

More from www.microsoft.com / Microsoft Security Blog

New Microsoft guidance for the DoD Zero Trust Strategy 1 day, 8 hours ago | www.microsoft.com

blog cloud cloud services defense +15

Microsoft recognized as a Leader in the Forrester Wave™: Workforce Identity Platform, Q1 2024 2 days, 8 hours ago | www.microsoft.com

advanced customers forrester forrester wave +11

Microsoft Priva announces new solutions to help modernize your privacy program 2 weeks, 1 day ago | www.microsoft.com

automated beyond capabilities expansion +14

The foundation for responsible analytics with Microsoft Purview 3 weeks, 1 day ago | www.microsoft.com

analytics announcements blog blog post +14

How Microsoft Incident Response and Microsoft Defender for Identity work together to detect and respond … 3 weeks, 6 days ago | www.microsoft.com

customers cybersecurity cybersecurity incident cyberthreats +14

Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season 4 weeks ago | www.microsoft.com

campaigns cybercriminals engineering events +23

Microsoft Sentinel delivered 234% ROI, according to new Forrester study 4 weeks, 1 day ago | www.microsoft.com

benefits blog findings forrester +15

Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 1 month ago | www.microsoft.com

blog businesses endpoint endpoint security +8

International Women’s Day: Expanding cybersecurity opportunities in the era of AI 1 month, 1 week ago | www.microsoft.com

cybersecurity cybersecurity opportunities diversity history +10

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

KDN IAM Associate Consultant

@ KPMG India | Hyderabad, Telangana, India

View on infosec-jobs.com

Staff Test and Evaluation Engineer - Electronic Warfare

@ Anduril | Costa Mesa, California, United States

View on infosec-jobs.com

Junior Project Cybersecurity Manager

@ NXP Semiconductors | Bucharest

View on infosec-jobs.com

Embedded PSOC Analyst

@ Sibylline Ltd | London, United Kingdom

View on infosec-jobs.com