Hackers are capitalizing on the ongoing trend of organizations using VPNs to secure employees who are working remotely during this pandemic.
What’s the matter?
- According to the security company Abnormal Security, phishers are using fake VPN configuration notifications to steal employees’ Office 365 credentials.
- The phishing campaign spoofs a notification email from IT support at the victim's company. The sender's email address is spoofed to impersonate the victim organizations' domains. The link enclosed in the email purportedly directs targets to a new VPN configuration for home access.
- However, the link does not lead to a new VPN configuration. Instead, it takes recipients to a phishing page hosted on a Microsoft .NET platform.