Security advisories

Hex Encoded Links Point to Phishing Pages on Microsoft Cloud Services

July 9, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

The Threat

The eSentire Threat Intelligence team has observed a recent phishing campaign using Microsoft cloud services to host Office 365 phishing pages. Observed obfuscation methods may bypass link inspection or content filtering in certain cases. These techniques increase the likelihood of successful delivery and the perceived legitimacy of the phishing page. Users and network/email administrators are advised to review indicators and samples below for awareness.

What we're doing about it

What you should do about it

Users

Network/Email Administrators

Additional Resources

[1] https://azure.microsoft.com/en-ca/services/storage/blobs/

[2] https://www.bleepingcomputer.com/news/security/phishing-attack-uses-azure-blob-storage-to-impersonate-microsoft/

View Most Recent Advisories