EvilProxy is a recent phishing campaign that has targeted high-level executives in various industries, with a particular focus on the popular job search platform Indeed. This campaign has exploited an open-redirect vulnerability on Indeed.com, posing a significant threat to organizations and individuals alike.
EvilProxy, a phishing campaign known for its targeting of executives, has affected organizations in sectors such as banking and financial services, insurance, property management and real estate, and manufacturing. The primary targets of this campaign were executives in the C-suite, particularly those using the job search platform Indeed. Between July and August 2023, attackers distributed a deceptive link that appeared to lead to Indeed.com but actually redirected victims to a counterfeit Microsoft Online login page. By tricking victims into entering their credentials, the attackers were able to harvest session cookies, bypassing multi-factor authentication. This attack highlights the danger of open-redirect vulnerabilities, where users are deceived into visiting phishing pages while believing they are on trusted sites like Indeed.com. It is an example of an adversary-in-the-middle (AiTM) phishing attack. To mitigate the risk of EvilProxy phishing attacks, organizations should ensure that their executives and employees are properly trained to recognize and respond to such attacks.
The existence of open redirection vulnerabilities poses a severe threat to users, as demonstrated by the EvilProxy phishing campaign. To address this issue, organizations should invest in robust cybersecurity measures and continuously educate their employees. Additionally, responsible disclosure of vulnerabilities, as done by Menlo Labs to Indeed.com, is crucial in minimizing the impact of such threats. Phishing attacks like EvilProxy continue to pose a significant risk, emphasizing the need for individuals to remain vigilant and follow best practices to protect themselves. By taking proactive measures, organizations can mitigate the risk and minimize the potential future implications of such attacks.
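
One way a mail or web gateway could flag the link pattern described above, where a URL on a trusted host carries a redirect target on a different host in a query parameter. This is an added example, not code from the article or from Menlo Labs; the hostnames and parameter names are constructed, and the same-site comparison is a simplification (a production check would use the Public Suffix List).

```python
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample links (hypothetical hosts and parameter names).
SAMPLE_LINKS = [
    "https://jobs.example/r?target=https%3A%2F%2Flogin.attacker.example%2Fo365",
    "https://jobs.example/r?target=https%253A%252F%252Flogin.attacker.example",
    "https://jobs.example/r?next=https%3A%2F%2Fwww.jobs.example%2Fhome",
    "https://jobs.example/search?q=security+engineer",
]

def _host(value):
    """Hostname if value is an absolute or scheme-relative http(s) URL, else None."""
    v = value.strip()
    if v.startswith("//"):
        v = "https:" + v
    try:
        parts = urlsplit(v)
    except ValueError:  # e.g. malformed IPv6 literal
        return None
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname.lower()
    return None

def _same_site(a, b):
    # Simplification: equal hosts or parent/subdomain count as same site.
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def cross_host_redirects(link, max_decode=2):
    """Return (parameter, target_host) pairs whose value is a URL on another host."""
    outer = _host(link)
    if outer is None:
        return []
    findings = []
    for name, value in parse_qsl(urlsplit(link).query, keep_blank_values=True):
        # parse_qsl decodes once; decode again to catch double-encoded targets.
        for _ in range(max_decode + 1):
            target = _host(value)
            if target:
                if not _same_site(outer, target):
                    findings.append((name, target))
                break
            decoded = unquote(value)
            if decoded == value:
                break
            value = decoded
    return findings

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link, "->", cross_host_redirects(link) or "no cross-host redirect")
```

A hit is a signal for review or link rewriting rather than proof of phishing, since legitimate services also pass external URLs in parameters.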