Fake DocuSign and HubSpot phishing emails target 20,000 Microsoft Azure accounts
Posted by:
Sarah Collins
A recent phishing campaign targeted industries in automotive, chemical, and industrial compound manufacturing sectors, impacting over 20,000 victims, primarily in Europe. The campaign, suspected to be orchestrated by hackers of Russian or Ukrainian origin, aimed to obtain Microsoft Azure cloud account details to access sensitive information. The attackers used sophisticated methods such as sending Docusign-enabled PDF files and fraudulent links to steal login credentials. The phishing attempts involved creating convincing emails resembling official communications from victim organizations and redirecting users to fake domains. Despite the disruption of the campaign and efforts to take down malicious infrastructure, users are advised to remain vigilant against potential threats. The cybersecurity arm Unit 42 collaborated with HubSpot to mitigate the exploitation of their platform and assist affected organizations in recovery.
Recent Posts1
12 Days of OpenAI ends with a new model for the new year
December 22, 2024
Only 15% of Steam users have played games released in 2024, but why?
December 22, 2024
