Attackers have created a fake Office 365 site that is distributing the TrickBot password-stealing Trojan disguised as Chrome and Firefox browser updates. In BleepingComputer’s testing, this fake Office 365 site found by MalwareHunterTeam looks like any site that would normally belong to Microsoft. In fact all of its links point to pages hosted on Microsoft domains.
Expert Comments:
Corin Imai, Senior Security Advisor at DomainTools:
The good news however is that people seem to be getting better at detecting phishing scams. A DomainTools survey a Infosecurity Europe showed success rates of around 90% in telling apart phishing scams from legitimate websites for huge companies such as Apple, eBay and Netflix. If you do suspect a phishing scam, the best advice is still to not click on anything unless you are 100% sure of its authenticity.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.