October 26, 2021 By Becky Bracken
Manipulated Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.”
Musical instruments, motorcycle parts and now malware — Craigslist really does have it all.
The Craigslist internal email system was hijacked by attackers this month to deliver convincing messages messages, ultimately aimed avoiding Microsoft Office security controls to deliver malware.
Sent from an authentic Craigslist IP address, the emails informed users that a published ad of theirs included inappropriate content and violated Craigslist‘s terms and conditions, giving false instructions on how to avoid having their accounts deleted.