Microsoft Identifies Multi-Stage AiTM Phishing and BEC Campaign Targeting Energy Sector
phishingbusiness_email_compromisecyberattackenergy_sectorMicrosoftSharePointadversary-in-the-middlepersistencesecurity_alertthreat_detection
Microsoft has identified a multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) campaign targeting organizations in the energy sector. The attackers exploited SharePoint file-sharing services to distribute phishing payloads and created inbox rules to maintain persistence and evade detection by users. The alert was issued by the Microsoft Defender Security Research Team.