Autodesk Drive Used In Microsoft Phishing Scams

Penka Hristovska

Published on: April 26, 2024

A new phishing campaign is targeting corporate users via compromised email accounts to distribute PDF files hosted on Autodesk Drive, according to cybersecurity firm Netcraft.

In the incidents reported, hackers sent out phishing emails to contacts already in the account, and even mimic the original senders’ signature footers, including the sender’s name and company name to make the email look more believable.

Netcraft notes that “victims are much more likely to click on a shared document link when the email comes from a person or business they already work with, especially when the email is furnished with the signature and other contact details they would expect to see.”

The body of the email includes a shortened link leading to a malicious PDF on Autodesk Drive.

“The links in the phishing emails use the autode.sk URL shortener, which is powered by Bitly. Autodesk Drive is intended for sharing design files in the cloud, and supports a variety of 2D and 3D data files including PDFs. It is free to use when subscribing to other Autodesk products,” Netcraft explains.

When recipients click on the link to try and open the document, they’re directed to a phishing page that asks for their Microsoft account username and password. Once a victim enters their credentials, they are redirected to a document on OneDrive about real estate investment, disguising the fact that their login details have just been stolen.

“Armed with victims’ Microsoft credentials, the criminals behind these attacks could gain unauthorized access to sensitive company data, as well as being able to send even more phishing emails from the compromised Microsoft accounts,” Netcraft notes.

The cybersecurity firm adds that attackers have tailored their attacks to different countries and regions, too, as shown by malicious PDFs in various languages on Autodesk Drive.

“The scale of these attacks and the use of customized PDF documents suggests some degree of templating and automation, leading to a series of well-targeted compromises that has the potential to spread worldwide like a virus,” Netcraft says.

SEO Powered Content & PR Distribution. Get Amplified Today.
PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
Source: https://www.safetydetectives.com/news/autodesk-drive-used-in-microsoft-phishing-scams/

Generative Data Intelligence

Autodesk Drive Used in Microsoft Phishing Scams

Crypto Oasis Thrives: UAE Blockchain Ecosystem sees Exponential Growth with 2,040 Active Organisations in Q1 2024

Revolutionizing Home Life: China’s New AI Robot Masters Laundry and Lunches, while Global Crypto and Tech Scenes Face Challenges and Change

Latest Intelligence

Revolutionizing Home Life: Chinese AI Robot Masters Folding Laundry and Crafting Sandwiches Amidst Crypto and AI Industry Turbulence

Revolutionary Chinese AI Robot Transforms Household Chores: Meet the ClothFoldBot That Folds and Feeds You!

Revolutionizing Home Efficiency: Chinese AI Robot Masters Laundry and Lunch Prep

FMAS:24 Session Spotlight – Digital Asset Brokerage, Structure and Artifice

Revolutionizing Home Life: China’s New AI Robot Masters Laundry and Lunches While Global Crypto and Tech Debates Heat Up

Revolutionizing Home Life: China Unveils AI Robot for Folding Laundry and Preparing Meals Amidst Crypto Turmoil and AI Data Debates

Chat with us