Microsoft has issued a warning regarding a sophisticated phishing campaign targeting organizations in the U.S. This campaign, themed around a 'code of conduct review', has resulted in over 35,000 phishing attempts detected from April 14 to 16, affecting around 13,000 organizations across 26 countries, with 92% of targets in the U.S. The emails are designed to resemble internal compliance messages from entities such as 'Team Conduct Report'.
Analysis showed the emails were sent from a legitimate email service, often originating from a cloud-hosted Windows virtual machine. Victims are led to a CAPTCHA page before being directed to a phishing site that harvests Microsoft account credentials. Microsoft has provided guidance on mitigating these threats and shared indicators of compromise to aid enterprises.