Security News > 2021 > October > How a vishing attack spoofed Microsoft to try to gain remote access
A standard phishing attack typically involves sending people an email or text message spoofing a known company, brand or product in an attempt to install malware or steal sensitive information.
The emails borrowed the look and layout of actual emails from Microsoft and even included information on a subscription for Microsoft Defender Advanced Protection that supposedly was ordered by the recipient.
The emails tried to convey a sense of trust, as it appears to come from Microsoft.
The initial emails described by Armorblox snuck past the Google Workspace email security.
Inspect the sender's name, email address and the language used within the email.
Check for any inconsistencies in the message leading you to ask yourself such questions as: "Why is a Microsoft email being sent from a Gmail account?" and "Why are there no links in the email, even in the footer?".
News URL
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)