Remote workers are being warned of a new phishing campaign targeting their Skype passwords. The phishing emails look eerily similar to a legitimate Skype notification alert. The sender address spoofs a convincing Skype phone number and email address in the sender address. The real email address an external, compromised account can be found in the return path. The site is being hosted via Google s.app TLD, which is backed by Google to help app developers securely share their apps.
Source: https://threatpost.com/skype-phishing-attack-targets-remote-workers-passwords/155068/