Microsoft has always been the target of phishing attacks. A new wave of phishing attacks is using fake Office 365 notifications with an aim to steal victims’ Microsoft credentials.

About the attack

The phishing emails ask recipients to review blocked spam messages. The emails are extremely persuasive as the attackers use quarantine[at]messaging.microsoft.com to send to the targets and the display name matches the target’s domain. The attackers have, furthermore, embedded the official logo for Office 365 and provided links to Microsoft’s privacy statement and acceptable use policy. 

Why this matters

Once the cybercriminals gain access to Microsoft credentials, they will use them to take entire control over the accounts and get access to all information. Offering Microsoft credentials to threat actors implies that they will have unauthorized access to victims’ sensitive data such as contact information, calendar, and email communications, among others. 

Other phishing attacks

Phishing attacks are on the rise and hence, let us take a look at some recent incidents.
  • A massive phishing campaign is taking advantage of Twitter’s removal of verification badges from several verified profiles. The email asks verified users to update their information to avoid losing verified status. 
  • ANSSI stated that the Russia-based Nobelium APT gang has been targeting French organizations since February. The hackers have compromised the organizations’ email addresses and leveraged them to launch spear-phishing attacks at foreign entities. 

The bottom line

It is common knowledge that you are not to click on links in sketchy emails. Although phishing attacks are surging, they can be defended against with proper technology and human intuition. Microsoft has been a common target for threat actors and thus, it is necessary to implement robust security measures.

Cyware Publisher

Publisher

Cyware