About 10 thousand Microsoft Email Users Hit in FedEx and DHL Phishing Attack
Cybercriminals have sent about ten thousand (10,000) phishing emails disguised as delivery notifications from FedEx and DHL Express to unsuspecting Microsoft email users.
What is Phishing?
According to the Oxford dictionary, phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. Though phishing attacks can be used to deliver malware to unsuspecting victims, the cybercriminals in this case were after the credentials of the Microsoft email users.
Which companies were used in this phishing scam?
The cybercriminals targeted the American and German courier giants:
- FedEx
- DHL
How did the scammers achieve this?
By leveraging Google Firebase and Quip services, the cybercriminals placed links inside the emails that, when clicked, take the user to a fake Microsoft 365 login page (in the FedEx phishing email) or a fake Adobe login page (in the DHL phishing email). Their intention is to harvest the users’ credentials.
Reviewing the emails more closely, it is evident that the criminals had done their homework and crafted these emails in a way that is convincing at a glance. Because the emails use the language of the courier industry and the branding of both FedEx and DHL, a recipient can easily be tricked into clicking the links. For example, the FedEx email has the subject “You have a new FedEx sent to you”. In the DHL email, the subject was “Your parcel has arrived” with the user's email address at the end of the title.
To lure the users to click the link inside the DHL email, the scammers said the parcel could not be delivered due to incorrect information but could be collected from the local post office. The email prompted users to check out the attached “shipping documents” if they wanted to receive their delivery. Remember, scammers will use tricks like this to get you to click on links in order to steal your information or trick you into downloading malware onto your computer or network.
Google Firebase is a platform that is used to build web and mobile applications.
Cybercriminals are using these services because they help them evade the security systems put in place to filter, catch, or block phishing and spam emails. According to research, cybercriminals have used legitimate free services like Google Firebase, Quip, and Box in recent times to launch their attacks.
Quip is a tool for Salesforce that offers documents, spreadsheets, slides, and chat services.
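The pattern described above, a courier-branded message whose links point at a free hosting service instead of the courier's own domain, can be checked mechanically during mail triage. This is an added example, not code from the article or from PhishKing; the Firebase and Quip hostnames, the brand domain lists and the function names are assumptions, and the sample messages are constructed.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Assumed hostnames for the services the article names (not listed on the page).
FREE_HOSTING = ("firebasestorage.googleapis.com", "firebaseapp.com", "web.app", "quip.com")
# Assumed legitimate link domains for the two impersonated brands.
BRAND_DOMAINS = {"fedex": ("fedex.com",), "dhl": ("dhl.com", "dhl.de")}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def host_matches(host, suffixes):
    """Exact or subdomain match, so fedex.com.example.net does not pass as fedex.com."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)

def body_text(msg):
    """Concatenate all text/* parts, decoding base64 / quoted-printable bodies."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def triage(raw_email):
    """Return (brand, kind, host) for every link that leaves the claimed brand's domains."""
    msg = message_from_string(raw_email)
    claimed = f"{msg.get('Subject', '')} {msg.get('From', '')}".lower()
    brands = [b for b in BRAND_DOMAINS if b in claimed]
    findings = []
    for url in URL_RE.findall(body_text(msg)):
        host = urlparse(url).hostname or ""
        for brand in brands:
            if not host_matches(host, BRAND_DOMAINS[brand]):
                kind = "free-hosting" if host_matches(host, FREE_HOSTING) else "off-brand"
                findings.append((brand, kind, host))
    return findings

# Constructed sample messages; subjects follow the ones quoted in the article.
FEDEX_LURE = ("From: FedEx <notify@mailer.example>\nSubject: You have a new FedEx sent to you\n\n"
              "View: https://firebasestorage.googleapis.com/v0/b/constructed-example/o/index.html\n")
DHL_LURE = ("From: DHL Express <post@mailer.example>\nSubject: Your parcel has arrived user@corp.example\n\n"
            "Shipping documents: https://quip.com/CONSTRUCTED\n")
GENUINE = ("From: FedEx <tracking@fedex.com>\nSubject: FedEx shipment update\n\n"
           "Track: https://www.fedex.com/fedextrack/\n")

if __name__ == "__main__":
    for name, mail in (("fedex", FEDEX_LURE), ("dhl", DHL_LURE), ("genuine", GENUINE)):
        print(name, triage(mail))
```

A finding is a reason to quarantine or review the message, not proof of phishing; MIME-encoded subject lines would need decoding before the brand match.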
Here are some of the steps you can take to protect yourself or your employees against phishing scams:
- Request a Demo Today! Try PhishKing today to take advantage of our effective Security Awareness Training.
- Educate your employees about the prevailing cyber-attack tactics and the basic preventive practices they can adopt to prevent them.
- Instruct your employees to carefully double-check the sender’s email address and look out for any unusual date formats and language inconsistencies.
- Avoid opening any emails or clicking on any links or attachments from unknown or suspicious senders.
- Implement standard email authentication protocols such as DMARC, DKIM, and SPF to secure your email domain against domain forgery.
- Implement KDMARC to monitor all three of these email authentication protocols to complement the Simple Mail Transfer Protocol (SMTP).
PhishKing was built to address the ongoing need for security awareness training that is intuitive, targeted, and realistic. We keep up to date with the trends in cybercrime and reflect this in the features of our software. We believe staff training is only truly effective if it results in changed behaviour that can be measured and monitored. PhishKing provides your organisation with real-time analysis of your staff’s response to various simulated phishing campaigns customised to your industry.
We also offer security awareness training that covers specific departments or job functions. Unlike many other vendors, we are ourselves security practitioners who are passionate about our industry and hold significant experience and industry-recognised certifications.