Double-check that job posting — hackers are spreading malware through them

A new phishing scam has surfaced that is showing how sophisticated bad actors are becoming in tricking unsuspecting victims into giving up their personal information.

The latest cyberattack is centered around the job listing website, Indeed. Hackers send out an email spoofing an employment opportunity from the website. Once you click the link, it will send you to a Microsoft 365 login page to enter your credentials. From here you’re not suspecting anything unscrupulous, but the next time you attempt to log into your Microsoft 365 account, you will find that not only are you getting an error message that the information is incorrect, but that your account is no longer available.

Sora Shimazaki / Pexels

Researchers at Menlo Security have observed this phishing scam, which is being targeted at U.S. executives in industries including electronic manufacturing, banking and finance, real estate, insurance, and property management, according to Bleeping Computer.

Recommended Videos

The cyberattack has been so seamless it has been able to evade multifactor authentication on Microsoft 365 accounts through a method called cookie stealing. This tactic is used to swipe the cookies from well-known websites and mimic their designs. By hacking recent web sessions of programs that are not commonly refreshed, bad actors that replicate pages can look identical to pages of common websites. Cookie stealing was also developed as a bypass for multi-factor authentication. If you have the security feature set up on your account, you would likely input it yourself, having visually deemed the website to be trustworthy.

Related

  • Hackers are sending malware through seemingly innocent Microsoft Teams messages

  • Hackers are using AI to create vicious malware, says FBI

  • Hackers are using AI to spread dangerous malware on YouTube

Researchers began noticing cookie stealing attacks in 2022, targeting several major brands, including Google Chrome, Amazon Web Services (AWS), Azure, Slack, and Electronic Arts.

The hackers in this case used a platform called EvilProxy to execute their cookie stealing and fashion a page that looks like an authentic Microsoft login page. Multifactor authentication is commonplace for Microsoft 365 so users will have some form set up.

The addition of the Indeed email makes this phishing scam especially complex because opening the link triggers an open redirect, which is a weakness that allows the bad actor to direct you to their nefarious website after clicking on a seemingly legitimate link.

This isn’t the only phishing scam plaguing Microsoft services in recent times. Last month, for example, a team of hackers was able to infiltrate Microsoft Teams to execute a phishing scam called “DarkGate Loader.” The scheme centers on a bogus Teams message about “changes to the vacation schedule,” but contains intricate hidden malware when downloaded. Cybersecurity researchers uncovered that hackers were able to access Teams through compromised Office 365 accounts and even found the unsecured email addresses they were able to take over.

Ongoing spam and cybercrime have prompted email providers, including Gmail and Yahoo to set into place requirements for bulk senders as security measures. These requirements include email authentication, the ability to easily unsubscribe, and email assurance, and will be set in place starting February 1, 2024. Google said many of the requirements largely play as basic email hygiene but are being set forth with the aim of making it an industry standard.

Related posts

Latest posts

Google Gemini among the top three AI services, with 350 million monthly users

Despite significant growth, it appears Google's Gemini chatbot lags behind rivals like OpenAI's ChatGPT and Meta AI in terms of its monthly active user base.

Gemini AI is coming to cars, wearables, and more this year, Google confirms

It's officially confirmed - Gemini is coming to Android Auto, wearables, and more.

More iPhones could get a memory upgrade, but some will have to wait

Many iPhones are due for a memory upgrade, and it seems that more models will get the boost than expected.

Google Pixel 9a offers a significant battery gain over other Pixels

If you’re in the market for a Pixel phone and can’t decide between the Pixel 9 or Pixel 8a and the recently released Pixel 9a, we’ve got some news to consider. Android Authority discovered that Google’s newest budget model offers, in many cases, substantial battery gains compared to the older models. In recent tests, the […]

Samsung’s rumored trifold might not match the Huawei Mate XT in size

Huawei's Mate XT ushered in a new smartphone form factor, and it seems Samsung's rival might not quite match.

7 of our favorite iPhone colors since 2007

There have been several very colorful iPhones over the years. Here are some of our favorites.

New AMD laptop GPUs have leaked, and Nvidia might be in trouble

A new leak tells us that AMD might have a whole lot of laptop GPUs in store, and there's an interesting model hidden among the rest.

The Fitbit Versa 4 is back to its good price of just $150 for a very short time

This is the time to get the Fitbit Versa 4. If you don't get it now, you'll end up paying $50 more.

Amazon’s No. 1 New Release is the Kindle Colorsoft Signature Edition — And it’s 20% off

Get a Kindle Colorsoft Signature Edition at a reduced price for a limited time.

OPPO Find X8 Ultra vs. Samsung Galaxy S25 Ultra: It’s not even a contest

With the Find X8 Ultra, OPPO has one of the best overall packages of 2025. Thanks to outstanding cameras and