The anatomy of phishing sites – campaign imitating the Box file sharing service

Summary

NCSC-FI analyzes a phishing campaign imitating the Box file sharing service, detailing the techniques criminals use to acquire user IDs and passwords from organizations.

Details

Event Type: Phishing Campaign Analysis

Target Service: Box file sharing service

Attack Characteristics:

Phishing campaigns can spread quickly
Criminals acquire user IDs and passwords from organizations
Various techniques used to lure users into entering credentials
Campaign uses different methods to deceive users

Key Points:

Technical analysis of phishing site structure
Review of luring principles
Educational content for defenders

Impact Assessment

Severity: Medium

Scope: International - Multi-Organization Campaign

Attack Type: Credential Phishing

Target: Organizations using Box or similar file sharing services

Notes

Source is in English from NCSC-FI. This is a technical analysis article providing defenders with insight into phishing campaign mechanics.