Phishing

False Iran war-themed missile alerts leveraged in Microsoft credential phishing attack

HackRead reports that threat actors have been delivering bogus missile warnings to pilfer Microsoft passwords as part of a new phishing campaign exploiting the ongoing conflict in Iran that also involves the U.S. and Israel.

Malicious emails purporting to be from the Ministry of Interior and Civil Defense sent through a fake email address with an Australia-based domain include an air-raid emergency warning that lures recipients into scanning the included QR code, findings from a Cofense Phishing Defense Center report showed. Doing so diverts victims to a fraudulent human check page before being redirected once more to a seemingly legitimate Microsoft login page, where login credentials are then exfiltrated.

"This is a classic example of social engineering, leveraging panic and authority to trick users into acting quickly without verification. The repeated phrasing, lack of personalization, and reliance on a QR code instead of a verified source all indicate a mass phishing attempt designed to exploit situations of panic and prompt impulsive actions," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds