Fake Office 365 Site Pushes Trickbot Trojan As Browser Update

Attackers have created a fake Office 365 site that is distributing the TrickBot password-stealing Trojan disguised as Chrome and Firefox browser updates. In BleepingComputer’s testing, this fake Office 365 site found by MalwareHunterTeam looks like any site that would normally belong to Microsoft. In fact all of its links point to pages hosted on Microsoft domains. 

Expert Comments: 

Corin Imai, Senior Security Advisor at DomainTools:

“This Office 365 scam is worrying for a number of reasons. Firstly, the widespread use of Office 365 as an enterprise tool means this scam casts an incredibly wide net. Secondly, the sophistication of the fake Microsoft webpage, which is so convincing it is likely to fool even some of the most diligent 365 users, particularly as the links send users to pages hosted on Microsoft domains. The Trickbot trojan is one which is difficult to detect and is extremely adept at stealing information, meaning bad news if you do install this.  

The good news however is that people seem to be getting better at detecting phishing scams. A DomainTools survey a Infosecurity Europe showed success rates of around 90% in telling apart phishing scams from legitimate websites for huge companies such as Apple, eBay and Netflix. If you do suspect a phishing scam, the best advice is still to not click on anything unless you are 100% sure of its authenticity.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.