Hackers Have Found a Clever New Way to Steal Your Microsoft 365 Credentials

Static Web Apps are the latest weapon in the scammer arsenal

Cybercriminals have started using Static Web Apps, an Azure service, in their phishing attacks against Microsoft365 users.

Researchers from MalwareHunterTeam noted Static Web Apps have two features that are being abused with ease – custom branding for web apps, and web hosting for static content such as HTML, CSS, JavaScript, or images.

These features have been used by threat actors to host static landing phishing pages, the researchers are now saying. These landing pages look almost identical to official Microsoft services, with the company logo, and the Single SignOn (SSO) option that harvests Office 365, Outlook, or other credentials.

Sneaky tactics

Reporting on the findings, BleepingComputer says using Azure Static Web Apps to target  Microsoft users is an “excellent tactic”, as each landing page gets its own secure page padlock in the address bar, due to the *.1.azurestticapps.net wildcard TLS certificate.

Share Blog
Share this
[wp_social_sharing social_options='facebook,twitter,linkedin' twitter_username='arjun077' facebook_text='Share on Facebook' twitter_text='Share on Twitter' linkedin_text='Share on Linkedin' pinterest_text='Share on Pinterest' xing_text='Share on Xing' reddit_text='Share on Reddit' icon_order='f,t,l,p,x,r,i' show_icons='0' before_button_text='' text_position='' social_image='']