Hijacked Email Thread
Content Obfuscation via Image
External Compromised Account
Hijacked Email Thread
Password Expiration
Password Expiration
Back to All Attacks
Attack Details
Attack Date:
May 18, 2022

Office365 Password Expiration Credential Phishing Attack

Initial Email Content

Subject
Access/Expire- Reminder Wednesday, May 18
Body

(no text content - anchor image only)

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This link-based attack impersonates Office365 using a hijacked email thread, a content obfuscation via image, an external compromised account, and a password expiration theme to steal credentials.

Analysis Overview

Type
Credential Phishing
Tactic
Hijacked Email Thread
Content Obfuscation via Image
External Compromised Account
Goal
Credential Theft
Impersonated Party
Vector
Link-based
Theme
Password Expiration
Language