• About
  • Subscribe
  • Contact
Friday, May 9, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home News Stories

Mass-spreading phishing campaign uncovered

FutureCIO Editors by FutureCIO Editors
August 18, 2023
Mass-spreading phishing campaign uncovered

Mass-spreading phishing campaign uncovered

A mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials was detected by ESET researchers. The ongoing campaign has been active since at least April 2023 and targets a variety of small and medium businesses and governmental entities. There have been victims in Latin America and European countries such as Ukraine, Italy, France, the Netherlands and Poland, where the largest number of targets are located.

Countries hit by the campaign, according to ESET telemetry

ESET researcher Viktor Šperka, who discovered it  explains that those who launched the campaign  took advantage of HTML attachments that contain legitimate codes, making it much easier to bypass reputable antispam policies, as compared to more prevalent phishing techniques such as directly placing malicious links in the email body.

Launching the attack

Viktor Šperka

The attack starts when a target receives an email with a phishing page in an attached HTML file. The email may contain warnings about email server update, account deactivation or a similar issue, which then directs the victim to click on the attached file. Afterwards, the victim is guided to a fake Zimbra login page.

The submitted credentials are collected from the HTML form and sent to a server controlled by the attacker at the back-end, infiltrating the email account. The attacker can compromise the victim’s administrator accounts and create new mailboxes to send more phishing emails to other targets.

“Target organizations vary; adversaries do not focus on any specific vertical – the only thing connecting victims is that they are using Zimbra,” adds Šperka.

Related:  Cybersecurity consultancies face high expectations from APAC CISOs
Tags: cybersecurityESETphishingZimbra
FutureCIO Editors

FutureCIO Editors

No Result
View All Result

Recent Posts

  • ARTHALAND chooses OutSystems to advance real estate sustainability
  • Experts warn against AI-powered deepfake impersonation scams
  • Dropbox updates universal search and knowledge management product
  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers
Show More

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

Select Category
    • Privacy Policy
    • Terms of Use
    • Cookie Policy

    Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

    Login to your account below

    or

    Not a member yet? Register here

    Forgotten Password?

    Fill the forms bellow to register

    All fields are required. Log In

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    No Result
    View All Result
    • Management Leadership
      • Growth Strategies
      • Finance
      • Operations
      • Sales and Marketing
      • Careers
    • Technology
      • Infrastructure and Platforms
      • Business Applications and Databases
      • Big Data, Analytics and Intelligence
      • Security
    • Industry Verticals
      • Finance and Insurance
      • Manufacturing
      • Logistics and Transportation
      • Retail and Wholesale
      • Hospitality and Tourism
      • Government and Public Services
      • Utilities
      • Media and Telecommunications
    • Resources
      • Whitepapers
      • PodChats
      • Videos
    • Events
    Login

    Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

    Subscribe