Cyber-attacks launched against Outlook Web App users

logon screen

An attack campaign using advanced cyber-espionage techniques launched against Office 365's Outlook Web App users in an attempt to steal email log-in credentials from the employees of military agencies, embassies, defense contractors and international media outlets.

The group behind the attack used an interesting technique against organizations using OWA; for each attack they used JavaScript code to make it appear that the victims OWA sessions ended while at the same time, tricking them into re-entering their log-in credentials by redirecting victims to fake OWA log-in pages.

Further reading material can be found at PC World

Third party OWA Security software can be found at

Use Ctrl+Shift+R to "Reply all" to the selected message.


Will tablet and Smart phone use be a big part of your OWA 2013 deployment?