Hacked SendGrid accounts used in phishing attacks to steal logins

Security news from bleeping computer. Be careful of Zoom invites..:

A phishing campaign targeting users of Outlook Web Access and Office 365 services collected thousands of credentials relying on trusted domains such as SendGrid.

The threat actor behind this activity, which received the name “Compact,” has been operating since at least the beginning of 2020 and likely collected more than 400,000 credentials in multiple campaigns.

Zooming in on credentials

Using Zoom invites as a lure and an extensive list of email addresses, the operators of the phishing campaign delivered messages from hacked accounts on the SendGrid cloud-based email delivery platform.


Original Article