On January 7, 2021, an employee of the Organization received a phishing email which contained a link to a malicious ?github.io? sub-domain, which hosted a fake Microsoft account login page. The employee entered their account credentials into this phishing page. On January 11, 2021, an unauthorized third party logged onto the employee’s email account, and started to transmit about 1,500 phishing emails from the employee’s email account. The employee notified the Organization?s IT team. The unauthorized third party attempted to log back in on January 11, 2021, but was blocked from doing so.
File Type:
pdf
File Size:
639 KB
Categories:
2021