Security News > 2021 > October > How a vishing attack spoofed Microsoft to try to gain remote access
A standard phishing attack typically involves sending people an email or text message spoofing a known company, brand or product in an attempt to install malware or steal sensitive information.
The emails borrowed the look and layout of actual emails from Microsoft and even included information on a subscription for Microsoft Defender Advanced Protection that supposedly was ordered by the recipient.
The emails tried to convey a sense of trust, as it appears to come from Microsoft.
The initial emails described by Armorblox snuck past the Google Workspace email security.
Inspect the sender's name, email address and the language used within the email.
Check for any inconsistencies in the message leading you to ask yourself such questions as: "Why is a Microsoft email being sent from a Gmail account?" and "Why are there no links in the email, even in the footer?".
News URL
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)