The email security and threat detection company Vade has published a report on a recent phishing attempt that involves faking the Microsoft 365 authentication mechanism. The assault email contains a malicious HTML attachment with JavaScript code, according to Vade’s Threat Intelligence and Response Centre. The goal of this code is to collect the recipient’s email address and alter the page with information from a callback function’s variable.
When examining a rogue site, TIRC researchers decoded the base64-encoded message and discovered information about Microsoft 365 phishing assaults. The requests for phishing applications were made to eevilcorponline, according to researchers. Its source code, which was discovered using periodic-checkerglitchme, resembled the HTML file in the attachment, proving that phishers are using glitch.me to host malicious HTML sites.