In recent investigations, Compass recognized a raise in popularity for
attackers to compromise Microsoft Exchange credentials. As one of the
first steps after having obtained the credentials (most commonly through
phishing), attackers created malicious inbox rules to copy in- and
outgoing emails of their victim. The attacker’s goal hereby was to
guarantee access to emails even after the compromised credentials were
changed.
Read the article over at Compass security here.
Comments
Post a comment