Company 
Team 
Local Government Partners 
Case Study
Company News 
Team Member Spotlight 
Managed IT Services
Cloud Hosting 
Co-Managed %201.svg){kind=icon}
Managed VOIP 
Managed Security Services 
Data Backup + Disaster Recovery 
Security Assessment 
CMMC Compliance 
SharePoint
Power BI
Web Design + Hosting
Application Development
Businesses 
Municipalities 
Local Government Services 
Healthcare
Manufacturing
Aerospace and Defense
Case Studies
Guides
News
Events
Municipalities
Healthcare
Managed IT Services
Compliance
Cybersecurity
Microsoft’s threat analysts have released extensive guidance and warnings about recently discovered malicious activity deriving from online content forms.
Microsoft’s analysts have discovered several instances of contact forms published on legitimate websites being hacked to deliver dangerous links to organizations in the form of fraudulent legal threats.
The malicious emails open with a number of serious-sounding allegations before instructing recipients to follow a link to see the evidence behind the accusations. This link downloads IcedID, a malware designed to steal data.
This form of email attack takes advantage of the feelings of insecurity caused by legal issues and a sense of urgency, which panics users into taking action that they ordinarily might think twice about.
This latest attack is another example of the ways bad actors are using traditional, legitimate online infrastructure (contact forms) to attack vulnerabilities and breach organizations in increasingly subtle ways.
IcedID is a banking trojan largely used for the exploration and extraction of banking credentials, as well as allowing remote access and control of networks that allow bad actors to deliver extra malware and ransomware.
This latest threat shows how cybercriminals are constantly looking for new ways to infiltrate networks and how seemingly harmless activities can sometimes be harnessed to deliver malicious software.
Microsoft has stated that Microsoft Defender for Office 365 detects and blocks these emails and protects organizations from this threat and that their threat analysts are continuing to actively investigate the threat. As the threat takes advantage of Google URLs, Microsoft has also alerted the relevant security groups at Google.
Microsoft has published an extensive description and analysis of how it tracks and protects against these types of threats, as well as guidance on how to defend against them.
It is important to always take care when entering any personal details into online forms that you are certain the forms are what they say they are. You should also never click links or agree to download anything from emails unless you know the sender and are confident in their veracity.
