A savvy campaign impersonating the cybersecurity company skated past Microsoft email security.
Phishers are impersonating Proofpoint, the cybersecurity firm, in an attempt to make off with victims’ Microsoft Office 365 and Google email credentials.
According to researchers at Armorblox, they spotted one such campaign lobbed at an unnamed global communications company, with nearly a thousand employees targeted just within that one organization.
“The email claimed to contain a secure file sent via Proofpoint as a link,” they explained in a posting on Thursday. “Clicking the link took victims to a splash page that spoofed Proofpoint branding and contained login links for different email providers. The attack included dedicated login page spoofs for Microsoft and Google.”
The email lure was a file purportedly linked to mortgage payments. The subject line, “Re: Payoff Request,” was geared to fool targets into thinking it was part of ongoing correspondence, which adds an air of legitimacy while also lending urgency to the proceedings.
“Adding ‘Re’ to the email title is a tactic we have observed scammers using before – this signifies an ongoing conversation and might make victims click the email faster,” according to the analysis.
If users clicked on the