In a recent cyber threat targeting the manufacturing sector, a malicious actor has been using spear-phishing emails to trick victims into giving up their Microsoft credentials unknowingly. The tactic involves sending emails that appear to be from legitimate companies such as Periscope Holdings and R.S. Hughes, which are well-known in the industry. These emails contain a file named “Product List RFQ, NDA & Purchase Terms 2024.shtml” and when clicked on, take the victim to a spoofed Microsoft page where their username is already filled in, adding a layer of authenticity to the scam and prompting the victim to enter their password.
According to researchers at BlueVoyant who discovered the campaign, the fake page is designed to harvest the victim’s credentials, giving the threat actor access to their accounts and potentially compromising sensitive information. This campaign has already targeted at least 15 victims between March and August, primarily in the United States and Canada. The threat actor behind this scheme is believed to be highly sophisticated and remains unidentified.
To protect against such attacks, experts recommend that organizations in the manufacturing sector and related industries remain vigilant for fake or typosquatted domains that mimic legitimate ones. It is also important to educate employees about the dangers of spear-phishing tactics and how to recognize and report suspicious emails. Additionally, implementing conditional access policies and strong authentication measures can help safeguard against unauthorized access to sensitive data.
This latest cyber threat serves as a reminder of the constant vigilance required in today’s digital landscape, where malicious actors are constantly evolving their tactics to target unsuspecting victims. By staying informed and taking proactive steps to enhance cybersecurity measures, organizations can better defend themselves against such threats and protect their valuable data from falling into the wrong hands.