Fortified’s Dan L. Dodson recently discusses ransomware latches onto fake ads for Microsoft Teams with Cybersecurity Drive.
Malware disguised in fraudulent ads or updates is another phishing scheme organizations need to watch for. At least 60,000 parked domains became “malicious,” or linked to phishing and malware, between March and September, according to Palo Alto Networks’ Unit 42.
In the Microsoft Teams example, when a victim clicked on a corrupt link, a PowerShell script was executed via a payloader. To disguise the malicious activity, a “legitimate copy” of Microsoft Teams was also installed, according to the report.