Alert: Payroll-Hijacking Attacks Are Targeting Canadian Employees
ID: 72611b1f-0bf5-506f-848c-4ffc3e167488
STIX ID: report--72611b1f-0bf5-506f-848c-4ffc3e167488
Feed Name: KnowBe4 Blog
Threat Score
Microsoft warns of a criminal group dubbed “Storm-2755” running payroll-pirate campaigns in Canada that use SEO poisoning/malvertising to surface malicious Microsoft 365 sign-in pages, employ adversary-in-the-middle (AiTM) techniques to capture authentication tokens and bypass legacy MFA, then socially engineer HR/finance staff (e.g., via “Question about direct deposit” emails) to change employee payment information and divert salaries.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.