Complex Office 365 phishing scheme uses Oracle and Amazon cloud services

The currently active Office 365 phishing campaign for stealing credentials is reported to have a huge infrastructure, combining several Oracle and Amazon services. Victims are baited to the phishing page by fake Zoom invitations and notifications, that are sent using the legitimate services such as AWS (Amazon Web Services) and Oracle Cloud. Credentials entered on the fake page are then redirected to the another hacked website. Read more...