New Phishing Scam Exploits Microsoft Copilot’s Popularity – be4sec

A new phishing campaign is taking advantage of the growing popularity of Microsoft Copilot, a generative AI assistant, to trick users into giving up their login credentials. According to a recent post on the Cofense blog, cybercriminals are sending out emails that appear to be from “Co-pilot,” exploiting the fact that many users may not be familiar with Copilot’s email communications.

The attack unfolds in several stages. Victims who click on links in the phishing emails are directed to a fake welcome page and then a bogus login page designed to steal their usernames and passwords. In a particularly insidious move, the final stage of the attack redirects users to a fake Microsoft Authenticator page. This gives the attackers more time to use the stolen credentials before the victim realizes what has happened.

Cofense emphasizes the importance of educating employees about new technologies like generative AI and how to recognize legitimate communications from these tools. They recommend that IT departments provide visual examples of expected interactions to help prevent these types of spoofs from being successful.

The Cofense blog post, “Microsoft Copilot Spoofing: A New Phishing Vector,” also includes a list of Indicators of Compromise (IOCs), such as IP addresses and URLs, associated with this phishing campaign. This information can be used by security professionals to identify and block these attacks.
