Microsoft Visio Files Used in Sophisticated Phishing Attacks

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point. The attackers send phishing emails with Outlook attachments that lead to a Microsoft SharePoint page hosting a Visio file. Inside the Visio file, victims are asked to hold down the Ctrl key and click on a “View Document” button to access an embedded URL.

This subtle manual step evades email security scanners and automated detection tools. The embedded URL leads to a spoofed Microsoft 365 login page where credentials are stolen. To make the phishing emails appear legitimate, the attackers use various tactics, including logos and branding from the breached organization’s website.

New-school security awareness training can help organizations defend against such attacks. KnowBe4 offers training that empowers employees to make smarter security decisions every day. Perception Point has documented this sophisticated phishing tactic and warns organizations to be vigilant in protecting themselves.

Source: https://blog.knowbe4.com/phishing-attacks-exploit-microsoft-visio-files