Ransomware, Phishing, AI/ML, Email security

AI-assisted phishing kit sets sights on Microsoft Outlook user credentials

A smartphone displaying the logo of Microsoft Outlook in the App Store.

Microsoft Outlook users have had their credentials sought to be compromised by an AI-assisted phishing kit as part of a Spanish-speaking phishing campaign that has been underway since March, Cyber Security News reports.

Attacks, which were monitored through the OUTL string embedded with four mushroom emojis, involved redirecting targets to a fake Spanish-language Outlook login interface, where inputted credentials would be validated by the phishing kit before enabling IP and location data gathering, according to an analysis from Sage Hollow researchers.

All of the phishing kit's variants, the most recent of which is disBLOCK.js with clear functions and indentations suggesting AI-based code generation, were found to have an exfiltration payload with a standardized format, allowing HTTPS POST request-based data transmission to Discord webhooks or Telegram bot APIs.

Such findings were noted to be indicative of the kit's operation under a phishing-as-a-service model.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds