Researchers have discovered a phishing campaign targeting over a hundred executives at an international company that is part of a German task force creating coronavirus protective equipment. The malicious emails in the campaign redirect users to a phony Microsoft login page, from where attackers harvest any credentials that are entered. According to Threatpost, suspicious activity was detected on the very day the task force was assembled – March 30, 2020. The name of the specific company targeted is being withheld, but the nine-company task force includes major organizations such as Volkswagen, Bayer, Lufthansa, and DHL. About half of the phishing emails were sent to executives at the larger company while the other half were sent to executives at the company’s third-party partners, bringing the total number of companies targeted to about 40.
