Back to All Attacks
Attack Details
Attack Date:
May 9, 2022
Microsoft Secure Message HTML Attachment Credential Phishing Attack
Initial Email Content
Subject
[Target Company Name] EFT Payment Notification
Body
Attachment available 09/05 20:47:40
Secured file shared with [Recipient Email Address]
This document will be deleted from our storage server on its given expiry date.
Payment Confirmation A2204040417_PG3QX2
To view the secure share file, Please download the attachment.
• Please do not reply to this email. Emails sent to this address will not be answered.
Sent from [Recipient Email Domain] Messaging.
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This payload-based attack impersonates Microsoft using an HTML attachment and a secure message theme to steal credentials.
Analysis Overview
Tactic
No items found.
Goal
Credential Theft
Impersonated Party
Vector
Payload-based
Theme
Secure Message
Language