What does state-of-art Spear Phishing Look Like?

Hackread has the story:

http://hackread.com/outlook-web-app-phishing-page-on-russian-site/

russian-spear-fishing-website-hosts-outlook-web-app-phishing-page-2-1024x686 screenshot from fake page as on Hackread

That looks like a standard OWA access panel right?  Except that it is actually on a Russian site designed to steal your credentials.

 

If you received an email stating: “check your email with this link, must see document

Then your click lands on the OWA page, so now if you enter your credentials (email and password) you will have given your info to the Russian criminals.

 

There is a difference between this fake page and a real one.

What is it?  Here is a sample site:

OWAlegitimatelogin

Notice the blue highlighted box: No  need to enter email address.  The fake site is asking for your email address separately (so the criminal hackers have given themselves away), I would make sure I am at the right place before entering username and password. Otherwise the hackers have a very good beginning into trying to hack into your network.

 

Contact us to test your OWA server on the Internet with the Alpha scan.

 

New video that explains the Alpha scan:

 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.