Microsoft, Zoom Case.

Microsoft is warning users of a phishing campaign that steals your username and password through Office 365 and Zoom Meeting. The phishing campaign is CAPTCHA verification page that’s looks legit but leads users to a fake sign in page. Clicking this special link redirects users to phishing site to employ Google ReCaptcha to block any dynamic scanning attempts. The top level domains from these phishing sites are .xyz, .club,.shop and .online.

 

Best,

Bingo

 

References:

 

https://thehackernews.com/2021/08/microsoft-warns-of-widespread-phishing.html

 

https://www.theregister.com/2021/08/27/microsoft_phishing_defender/

 

https://www.microsoft.com/security/blog/2021/08/26/widespread-credential-phishing-campaign-abuses-open-redirector-links/