An unusual new phishing campaign is probing email inboxes via attacks using the targets’ company-branded Microsoft 365 tenant login pages to add more legitimacy to the scam. The attackers are also using Microsoft’s Azure Blob Storage and Microsoft Azure Web Sites cloud storage solutions to host their phishing landing pages, a common tactic used by phishers to trick their targets into thinking that they’re seeing an official Microsoft login page. The phishing kit for this campaign together with the entire infrastructure used by the attackers to validate their targets emails and to generate branded landing pages is still hosted on the phisers’ domain.
Source: https://www.bleepingcomputer.com/news/security/phishing-attacks-scrape-branded-microsoft-365-login-pages/

