Convincing Microsoft phishing uses fake Office 365 spam alerts (Security News, December 2021)

A persuasive and ongoing series of phishing attacks is using fake Office 365 notifications that ask recipients to review blocked spam messages, with the end goal of stealing their Microsoft credentials.
Instead of reaching the Office 365 portal when they click the 'Review' button, recipients are sent to a phishing landing page that asks them to enter their Microsoft credentials to access the quarantined spam messages.
Office 365 users are continuously targeted in phishing campaigns attempting to harvest their credentials and use them in fraudulent schemes.
Microsoft revealed in August that a highly evasive spear-phishing campaign targeted Office 365 customers in multiple waves of attacks beginning in July 2020.
In March, the company also warned of a phishing operation that had stolen roughly 400,000 OWA and Office 365 credentials since December 2020 and later expanded to abuse new legitimate services to circumvent secure email gateway protections.
Since last year, the FBI has warned of BEC scammers abusing popular cloud email services, including Microsoft Office 365 and Google G Suite, in Private Industry Notifications issued in March and April 2020.