skip to Main Content

Cybercrime, fake Audit report bait for an HTML phishing campaign

Fake Audit report bait for an HTML phishing campaign. The goal is to steal the SharePoint Online credentials via a fake platform landing page. Victims have three attempts to digit the password, all of which will be wrong

A fake Audit report is the bait for an HTML phishing campaign. The objective is to steal the SharePoint Online credentials.

The link in the email point to a fake login page with the victim’s address already compiled. The user has only to digit the password.

However, by digiting any alphanumeric combination, after three attempts an error message and a link to access the real Microsoft Online login page will appear.

Meanwhile, cybercrime actors behind the scam will have stolen the credentials. Moreover, the three attempts is a trick to steal more user’s passwords that can be used also for different services/softwares.

Back To Top