Beware of Weaponized Amazon Gift Cards That Steals Microsoft Credentials

This new attack vector disguises malicious links within seemingly legitimate Amazon gift card emails, creating a perfect social engineering trap that leverages both financial incentives and corporate trust. Upon clicking the “View My eGift Card” button or copying the provided URL, victims are directed to a convincing but fraudulent landing page designed to replicate Amazon’s gift card redemption interface. When analyzing the attack chain, the initial redirection leads victims to a site that requests their email address to “unlock” the gift card. The attack begins with victims receiving an email masquerading as a generous $200 Amazon e-gift card supposedly sent by their employer as a reward for outstanding performance. After submitting their email, victims are seamlessly redirected to a counterfeit Microsoft login page hosted at “sso.officefilecenter.com”, which perfectly mimics Microsoft’s authentication portal. The Cofense Phishing Defense Center documented how these emails bypass traditional email security gateways by mimicking legitimate reward notification systems. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The professionally designed email includes Amazon branding and emotionally manipulative language thanking the recipient for their contributions, creating a compelling reason to click through without suspicion. The domain “egift.activationshub.com” was registered mere days before the campaign launched, a common indicator of malicious intent. Cybercriminals have launched a sophisticated phishing campaign exploiting the popularity of digital gift cards to steal Microsoft credentials from unsuspecting users. Cofense researchers identified this campaign in early April 2025, noting its particular effectiveness in corporate environments where employees are accustomed to receiving recognition through digital means. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The only telltale sign is the domain name “officefilecenter.com,” which was registered less than a month before the campaign began. The attackers gather credentials in real-time, often using them immediately to access sensitive corporate information before victims realize they’ve been compromised. Tushar is a Cyber security content editor with a passion for creating captivating and informative content.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 17 Apr 2025 11:55:04 +0000


Cyber News related to Beware of Weaponized Amazon Gift Cards That Steals Microsoft Credentials

Beware of Weaponized Amazon Gift Cards That Steals Microsoft Credentials - This new attack vector disguises malicious links within seemingly legitimate Amazon gift card emails, creating a perfect social engineering trap that leverages both financial incentives and corporate trust. Upon clicking the “View My eGift ...
3 weeks ago Cybersecuritynews.com
Apple Settles Lawsuit iTunes Gift Card Scam - Agreement reached with Apple to settle a lawsuit that alleged it knowingly let scammers exploit iTunes gift cards, and kept stolen funds. Apple in the new year has sought to rid itself of another legal claim, after it reportedly agreed to settle a ...
1 year ago Silicon.co.uk
Microsoft: Storm-0539 Group Behind a Surge of Gift Card Scams - With the holiday season well underway, a threat group with a history of gift card scams is ramping up its efforts, according to Microsoft. The group has been around since at least late 2021, with Microsoft noting last month that Storm-0539 is a ...
1 year ago Securityboulevard.com
Christmas scams: Attacks to be aware of this holiday season - Now, not only has the victim been charged for this fake item, but the cyber criminal now has access to all their credit card information. Now more than ever, Christmas shopping is done online - and, of course, cyber criminals are going to take ...
1 year ago Securityboulevard.com
Cisco Foundation Grantees prioritize Indigenous leadership to protect the Amazon Basin - This is the first of our three-part series on Cisco Foundation grantees working in the Amazon and South America region. This series will introduce you to eight Cisco Foundation Climate Impact & Regeneration grantees working to support preservation ...
1 year ago Feedpress.me
Master the Art of Data Security - As we step further into the digital age, the importance of data security becomes increasingly apparent. As with all data storage services, it's crucial to ensure that the data stored on Amazon S3 is secure, particularly when it's 'at rest'-that is, ...
1 year ago Feeds.dzone.com
Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers | The Record from Recorded Future News - Expel’s research echoed much of what Microsoft found last year — illustrating that Atlas Lion has shown an aptitude for leveraging cloud infrastructure and using internal documentation to learn more about how best to fraudulently issue gift ...
4 weeks ago Therecord.media
CVE-2024-11423 - The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, and Use Advance Coupons With Personalized Templates plugin for WordPress is ...
4 months ago Tenable.com
The Dark Side of Digital Reading: E-Books as Corporate Surveillance Tools - Americans are reading digital books at a rate of three out of ten. In a market where the majority of readers are subject to both Big Publishing's greed and those of Big Tech, it is no surprise that these readers are subject to both the greed of Big ...
1 year ago Cysecurity.news
Arrests in Tap-to-Pay Scheme Powered by Phishing – Krebs on Security - Asked for specifics about the mobile devices seized from the suspects, Lyon said “tap-to-pay fraud involves a group utilizing Android phones to conduct Apple Pay transactions utilizing stolen or compromised credit/debit card information,” ...
1 month ago Krebsonsecurity.com
ACM will no longer cross sign certificates with Starfield Class 2 starting August 2024 - AWS Certificate Manager is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing, Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting ...
10 months ago Aws.amazon.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Rundown of Security News from AWS re:Invent 2023 - Amazon Web Services has been unveiling a steady stream of announcements during its AWS re:Invent 2023 event in Las Vegas this week. The focus over the four days, as expected, is on AI as AWS strives to show that its offerings can match - or surpass - ...
1 year ago Darkreading.com
FBI warns of gift card fraud ring targeting retail companies - The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. Tracked as Storm-0539, this hacking group ...
1 year ago Bleepingcomputer.com
Amazon Prime Video Ads 5 February - Adverts will start appearing for UK users of Amazon Video Prime on 5 February 2024, unless extra fee is paid. Amazon has confirmed that adverts will begin appearing for UK customers of the Amazon Prime Video service in early 2024. In an email to UK ...
1 year ago Silicon.co.uk
9 online scams to watch out for this holiday season - By being aware of these common online scams and taking precautions, you can protect yourself and your family from becoming victims this holiday season. The holiday season is upon us, and that means it's time to start shopping for gifts. It's not just ...
1 year ago Blog.avast.com
Is Your Online Store Hacked in a Carding Attack? - Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using carding attacks as we gear up for the holiday season shopping. Online companies selling products or services are struggling with the growing ...
1 year ago Cybersecuritynews.com
Amazon sues REKK fraud gang that stole millions in illicit refunds - Amazon's Customer Protection and Enforcement team has taken legal action against an underground store refund scheme that has resulted in the theft of millions of dollars worth of products from Amazon's online platforms. This lawsuit targets 20 ...
1 year ago Bleepingcomputer.com
BidenCash darkweb market gives 1.9 million credit cards for free - The BidenCash stolen credit card marketplace is giving away 1.9 million credit cards for free via its store to promote itself among cybercriminals. BidenCash launched in early 2022 as a new marketplace on both the dark web and the clearnet, selling ...
1 year ago Bleepingcomputer.com
Most scammed items for this Christmas season - As the festive season is just a couple of days ahead, the joy of giving and receiving is accompanied by an unfortunate increase in scams targeting unsuspecting holiday shoppers. Scammers are adept at exploiting the spirit of generosity and the rush ...
1 year ago Cybersecurity-insiders.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
7 months ago Aws.amazon.com
CVE-2023-49744 - Cross-Site Request Forgery (CSRF) vulnerability in Gift Up Gift Up Gift Cards for WordPress and WooCommerce.This issue affects Gift Up Gift Cards for WordPress and WooCommerce: from n/a through 2.21.3. ...
1 year ago Tenable.com
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com
The age of weaponized LLMs is here - It's exactly what one researcher, Julian Hazell, was able to simulate, adding to a collection of studies that, altogether, signify a seismic shift in cyber threats: the era of weaponized LLMs is here. The research all adds up to one thing: LLMs are ...
1 year ago Venturebeat.com

Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)