Saturday, June 15, 2024
HomeCyber CrimeMulti-Stage Phishing Campaign Leverages BYOD Concept to Target Organizations

Multi-Stage Phishing Campaign Leverages BYOD Concept to Target Organizations

Microsoft has released information regarding a multi-stage phishing effort that allowed attackers to use the concept of Bring Your Own Device (BYOD) to spread malware across an organization’s network invisibly.

Concerning the campaign

The campaign took advantage of devices that did not have MultiFactor Authentication enabled, according to the Microsoft 365 Defender Threat Intelligence Team (MFA).

Employees working for companies in Australia, Singapore, Indonesia, and Thailand were targeted in the first phase of the effort, which comprised stealing credentials and compromising accounts.

In the second phase, the compromised accounts were leveraged to gain a foothold within the targeted organisation using lateral phishing or outbound spam.

It’s worth mentioning

The researchers emphasised the importance of extra defensive measures such as MFA, stating that those organisations that did not enable MFA were impacted by the campaign.

Those who had implemented multi-factor authentication (MFA), which prohibits attackers from using stolen credentials to gain access to devices or networks, were able to thwart the campaign.

The most important takeaways

As a growing number of employees choose a hybrid work model, the potential attack surface for cyber threats continues to grow. This blurs the line between internal and external company networks, posing a significant increase in cyber dangers.


The usage of unmanaged apps, services, devices, and other infrastructure that operate outside of established policies is one of the primary hazards. Unmanaged devices are frequently overlooked or overlooked by security personnel, making them profitable attack vectors for criminals. BYOD can be used by attackers to execute lateral moves and gain persistence for future attacks.



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us