Autodesk Hosting Malicious PDF Files Leading to Phishing Attacks on Microsoft Credentials
An elaborate phishing campaign has been uncovered that involves Autodesk hosting malicious PDF files, which then lead victims to have their Microsoft login credentials stolen. This sophisticated attack goes beyond the norm by using compromised email accounts to target new victims. These compromised accounts are utilized to send unsuspecting phishing emails to contacts, complete with the sender’s actual email signature footer.
The phishing emails appear authentic, making it easier for victims to click on shared document links, especially when they come from a known sender. The links within the emails direct victims to a PDF document on Autodesk Drive, a data sharing platform that further establishes trust by displaying the sender’s name and company information.
The autode.sk URL shortener, operated by Bitly, is used in the phishing emails to trick victims into clicking on a link that takes them to a phishing site impersonating the Microsoft login form. Once victims enter their login credentials, they are redirected to what appears to be a legitimate document hosted on Microsoft’s OneDrive service, leaving them unaware that their account has been compromised.
With access to victims’ Microsoft credentials, cybercriminals can breach sensitive company data and continue spreading phishing emails from compromised accounts. The attacks are also multilingual, with some PDF files tailored to specific locales, indicating a level of templating and automation that facilitates well-targeted compromises on a global scale.
Businesses and individuals are advised to remain vigilant against these types of phishing attacks. The spread of these attacks also relies on Autodesk not hosting malicious files and other infrastructure providers not hosting the Microsoft phishing sites. Netcraft offers solutions to hosting companies to prevent their infrastructure from being exploited in such attacks. For more information, visit https://www.netcraft.com/solutions/by-industry/internet-infrastructure/.
