Security News > 2022 > March > Microsoft Accounts Targeted by Russian-Themed Credential Harvesting
Phishing emails to Microsoft users warning of Moscow-led account hacking have started to make the rounds, looking to lift credentials and other personal details.
That's according to Malwarebytes, which uncovered a spate of spam email that name-checks Russian hacking efforts.
We detected something unusual about a recent sign-in to the Microsoft account.
The emails then provide a button to "Report the user," and an unsubscribe option, according to Malwarebytes' Tuesday analysis.
Clicking the button creates a new message with the to-the-point subject line of "Report the user." The recipient's email address references Microsoft account protection.
The mail explicitly targets Microsoft account holders, but the good news is that Outlook is sending the emails directly to the spam folder, according to Malwarebytes.
News URL
https://threatpost.com/microsoft-accounts-targeted-russian-credential-harvesting/178698/
Related news
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown (source)
- US Government, Microsoft Aim to Disrupt Russian threat actor ‘Star Blizzard’ (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)