Uncle Scam: Cybercrooks Exploit Microsoft Dynamics 365 in Devious Phishing Scheme
Cybercriminals are running the “Uncle Scam” phishing campaign, targeting US government contractors using Microsoft Dynamics 365 and AI-powered tools. This sophisticated scheme mimics official procurement notices to harvest credentials. Stay vigilant, double-check email senders, and educate your team to avoid falling victim.
Hot Take:
“Uncle Scam” shows that cybercriminals have finally graduated from the School of Hard Knocks to the University of Sneaky Tactics, and they’re using AI to teach the class!
Key Points:
- Cybercriminals are targeting US government contractors with a phishing campaign dubbed “Uncle Scam.”
- The campaign uses AI-powered phishing kits and Microsoft Dynamics 365 to execute multi-step attacks.
- Phishing emails mimic legitimate government procurement notices and direct users to a spoofed GSA website.
- Large Language Models (LLMs) are used to craft convincing phishing emails.
- Recommendations include double-checking email senders, hovering over links before clicking, and educating employees.
Membership Required
You must be a member to access this content.