Rewterz Threat Alert – Fake Microsoft COVID-19 Relief Fund For Personal Information

Rewterz Threat Alert – New COVID-19 Themed Phishing Campaigns

May 11, 2020

Rewterz Threat Alert – AZORult Trojan – IOCs

May 11, 2020

Rewterz Threat Alert – Fake Microsoft COVID-19 Relief Fund For Personal Information

Severity

Medium

Analysis Summary

According to threat actors, Microsoft is apparently giving away millions of dollars in relief funds and all you have to do is to fill out a PDF with all your personal and sensitive information. This is rather an old way to approach user but it also shows the immaturity of the threat actor who hasn’t worked on the detailing of the email and the email is rather poor and far away from the legitimate look of a typical Microsoft email. However, people with no or little experience can fall for the simplicity of the email and can fill out the malicious form attached in the emails.

Impact

Information theft
Data abuse

Indicators of Compromise

Email Subject

May “Covid-19” Response

Remediation

Always be suspicious about emails sent by unknown senders.
Never click on the links/attachments sent by unknown senders.
Never give away your personal information without authentication.
Always check the source of information from incoming mail.

Rewterz Threat Alert – New COVID-19 Themed Phishing Campaigns

Rewterz Threat Alert – AZORult Trojan – IOCs

Rewterz Threat Alert – Fake Microsoft COVID-19 Relief Fund For Personal Information

Severity

Analysis Summary

Impact

Indicators of Compromise

Email Subject

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan