Microsoft Office 365 users targeted in SurveyMonkey phishing

SurveyMonkey used to hide phishing attacks against Microsoft Office 365 users


Online polling service SurveyMonkey was used as a disguise for a potentially damaging phishing attack that targeted Microsoft Office 365 users.

Researchers at Abnormal Security recently uncovered attempts to steal Office 365 user credentials using SurveyMonkey as cover.

In the campaign, the victim receives an email from a genuine SurveyMonkey site, stating it is conducting a survey among company employees. However, the message contains a hidden redirect link, appearing as the text “Navigate to access statement” with the brief message “Please do not forward this email as its survey link is unique to you”.


When clicked, this link redirects the victim away from SurveyMonkey to a Microsoft form submission page, which tells the user to submit their Office 365 email and password to proceed. Doing so allows the criminals to steal the unsuspecting user’s Microsoft account security credentials.

Abnormal Security notes that this attack may be particularly effective due to its use of a real SurveyMonkey link to hide the nefarious goals within. The email messages carrying the phishing link also use official SurveyMonkey phrases and content, tricking users into believing the message is genuine.

Because the phishing URL isn’t visible within the body text, it’s also easy for victims to miss it at first glance.
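As an added illustration (not code from Abnormal Security or from this article), the Python below shows one way a mail filter could check for the pattern described above: a link whose visible text hides a URL that redirects to a different host and lands on a password form outside the organisation's real sign-in hosts. The `fetch` callback, the `.example` hosts and the sign-in allow-list are assumptions, and the sample email and pages are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
PASSWORD_INPUT = re.compile(r"<input\b[^>]*\btype\s*=\s*[\"']?password", re.I)

class Anchors(HTMLParser):
    """Collect (href, visible text) for each <a> in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def resolve(url, fetch, max_hops=5):
    """Follow redirects; fetch(url) returns (next_url_or_None, html_body)."""
    for _ in range(max_hops):
        nxt, body = fetch(url)
        if nxt is None:
            return url, body
        url = nxt
    return url, ""  # chain too long: report the last hop, body not inspected

def suspicious_links(email_html, fetch, signin_hosts):
    """Flag links that change host and land on a password form outside signin_hosts."""
    parser = Anchors()
    parser.feed(email_html)
    findings = []
    for href, text in parser.links:
        landing, body = resolve(href, fetch)
        host = urlparse(landing).hostname
        if (host != urlparse(href).hostname and host not in signin_hosts
                and PASSWORD_INPUT.search(body)):
            findings.append((text, href, landing))
    return findings

# Constructed sample data: placeholder .example hosts, not taken from the report.
EMAIL = ('<a href="https://survey.example/r/abc">Navigate to access statement</a>'
         '<a href="https://survey.example/help">Help</a>')
PAGES = {"https://survey.example/r/abc": ("https://forms.example/submit", ""),
         "https://forms.example/submit": (None, '<input type="password">'),
         "https://survey.example/help": (None, "<p>Help centre</p>")}
SIGNIN_HOSTS = {"login.microsoftonline.com"}  # assumed allow-list of real sign-in hosts
```

Calling `suspicious_links(EMAIL, PAGES.__getitem__, SIGNIN_HOSTS)` reports only the “Navigate to access statement” link; in a real filter `fetch` would be a sandboxed HTTP client rather than a dictionary lookup.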

“Phishing is one of the most successful and long-standing cybercriminal tactics, and the constant evolution in the methodology as seen in these attacks goes some of the way to understanding why,” noted Niamh Muldoon, senior director of trust and security at OneLogin.


“As phishing attacks become increasingly common, and increasingly sophisticated — often tailored to a targeted team with an organisation — companies and consumers cannot rely on defending against 100% of attacks. Applying Multi-Factor Authentication (MFA) supports user awareness and conscious behaviour when it comes to phishing threats and associated risk of clicking on suspicious links.”

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.
