🎯Basically, bad actors are using a website builder to trick people into giving away their Microsoft passwords.
What Happened
Threat actors have found a new way to steal Microsoft account credentials by exploiting the no-code app-building platform, Bubble. They create and host malicious web applications that mimic legitimate Microsoft login pages. Because these apps are hosted on a trusted domain, they evade detection by email security systems. This clever tactic allows users to unknowingly enter their credentials on fake sites, which are then captured by the attackers.
Security researchers at Kaspersky have identified this trend, noting that the phishing pages often appear legitimate and are sometimes obscured by additional security checks like those from Cloudflare. This makes it even harder for users to recognize the threat. By using this method, attackers can gain access to sensitive data linked to Microsoft 365 accounts, including emails and calendars.
Who's Being Targeted
The primary targets of this phishing campaign are users of Microsoft accounts, particularly those using Microsoft 365 services. Given the widespread use of Microsoft products in both personal and professional settings, the potential impact is significant. Anyone who interacts with Microsoft services could be at risk, especially if they receive a link to a Bubble-hosted app. As phishing campaigns continue to evolve, the use of legitimate platforms like Bubble increases the risk for all users. The complexity of the apps created makes it challenging for even experienced users to identify malicious intent. This adds a layer of danger, as the attacks can reach a broader audience without raising immediate suspicions.
Signs of Infection
Users may not easily recognize they have been targeted until it's too late. Common signs include: If users enter their credentials on these fake pages, they may notice unauthorized access to their accounts shortly after. It's crucial to remain vigilant and verify the authenticity of any links before clicking.
Receiving unexpected links
Unusual activity in
Requests for login
How to Protect Yourself
To safeguard against these phishing attempts, users should take several proactive steps: Staying informed about the latest phishing tactics can help users protect their sensitive information. As cybercriminals become more sophisticated, awareness and caution are key to maintaining security.
Identify
- 1.Enable Multi-Factor Authentication (MFA) on their Microsoft accounts to add an extra layer of security.
- 2.Be cautious of links in emails or messages, especially if they seem suspicious or unexpected.
Protect
- 3.Use a password manager to generate and store complex passwords, reducing the chance of credential theft.
- 4.Regularly monitor account activity for any unauthorized access.
🔒 Pro insight: The use of legitimate platforms for phishing reflects a growing trend in cybercrime, emphasizing the need for enhanced user education and security measures.
.webp)
