By Anthony Berrios
Blog Post #9
Recently a phishing scheme was discovered that abused, OneNote, which for those of you that may not know is Microsoft’s cloud based note taking software. The campaign was able to bypass detection tools and download malware onto victim’s computers. Included in the campaign were agent Telsa key-logger and a linked phishing page. The attacks originally started with an email to unsuspecting victims that contained a link to a OneNote document. The threat was able to update a phishing notebook multiple times a day, experiment with various intrusion methods, and improve the odds to successfully evade email security controls,” said researchers with Cofense in a Tuesday analysis. “Numerous Agent Tesla Keylogger payloads as well as links to different credential phishing websites were included in the campaign.” Once the systems were infected, the keyloggers were able to successfully document the victim’s keystrokes which can lead to account information being exposed as well as banking information and computer login info. This is scary because a hacker can easily end someones whole life before the victim even knows what is happening. By the time the victim would find out the cyber criminal would have already had all the information needed to use the victims accounts without him/her knowing. This topic is significant and relevant because although I personally do not use One Note, many students across the country do use this software and I could see many students falling victim to an auto verification phishing scheme like this one.
PC Security & News 