Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Microsoft 365 users need to be on their guard — new phishing campaign could cause some serious damage, and it's being offered for sale for barely nothing to lure new criminals in

A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system.

A new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost.

Greatness was developed by a threat actor going by the alias “fisherstell” and has been available since mid-2022, primarily targeting Microsoft 365 office software users.

Other hackers can rent the tool to get everything they need to launch a successful phishing campaign - from email generation, to anti-detection measures, to an active community happy to help.

Bypassing MFA

To purchase a license, hackers would need to go to the tool’s Telegram channel and pay $120 a month, in Bitcoin. After that, they get customizable email elements where they can tweak sender names, email addresses, subjects, messages, attachments, and QR codes. They can also use features such as randomizing headers, encoding, and other obfuscation techniques aimed at bypassing email security filters and making it into the victims’ inboxes.

While all of the features probably sound enticing, it’s the price that makes all the difference, Trustwave hints. “This signifies the widening availability for anyone to launch phishing campaigns with a minimal charge of $120 per month in Bitcoin, lowering the barrier of entry for cybercrime,” the company said.

The kit is designed to target Microsoft 365 accounts credentials. It can even bypass multi-factor authentication (MFA) solutions, by asking victims for the codes sent to their phones and email addresses. Finally, the usernames and passwords that get extracted via this phishing attack get sent to the attackers through Telegram, once again. 

To remain secure, Microsoft 365 users are advised to be careful when reading and reacting to emails, especially those that carry a sense of urgency (pending transaction, returning parcel, salary inquiries, etc.), or attachments which could be malware

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.