Security News > 2020 > March > Why Microsoft's Office 365 has become an all-access pass for phishers to exploit

With so many people and organizations using Microsoft Office 365, phishers who exploit this brand can target a vast amount of people as a way to steal their account credentials, as described by Vade Secure.
Phishing attacks that exploit Office 365 come in different varieties, according to Adrien Gendre, chief solutions architect at Vade Secure.
In some cases, hackers copy the CSS from the real Office 365 login page and use it to build their phishing page.
"Overall, the sophistication of these attacks is growing, with many Office 365 phishing pages being virtually indistinguishable from the real thing," Gendre said.
The overall goal of these type of phishing attacks is to steal Office 365 credentials, according to Gendre.
News URL
Related news
- Microsoft isn't fixing 8-year-old shortcut exploit abused for spying (source)
- Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! (source)
- Microsoft: New Windows scheduled task will launch Office apps faster (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)
- Microsoft releases emergency update to fix Office 2016 crashes (source)
- Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 (source)
- Microsoft: Office 2016 and Office 2019 reach end of support in October (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)