Security firm Cisco Talos is reporting a new criminal service that’s delivering sophisticated phishing emails looking to harvest the Microsoft login credentials of unsuspecting victims. The service, called “Greatness” is easy for criminals to set up and requires little technical expertise to operate.

The attack starts with an email with an HTML attachment. Once you open the attachment, your browser will display a blurred image of a spreadsheet with a spinning wheel.

You are then redirected to what looks like a Microsoft login page which may already be populated with the logo of your organization and your email address. This is NOT a login for Microsoft but the credential harvesting page on the attacker’s website.

Takeaways:

1. Cybercriminals are getting ever more resourceful in making their attacks appear legitimate.

2. Don’t open attachments in emails you are not expecting.

3. If you feel you need to open the attachment, call the sender to verify it came from them and they intended to send it. You may have the honor of letting them know their email has been compromised and they fell for the attack covered above.

Source: Cisco Talos Intelligence

Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.