Microsoft has long been a victim of phishing attacks. A new wave of phishing attacks is attempting to steal victims’ Microsoft credentials by impersonating Office 365 notifications.
The phishing emails request that recipients review spam messages that have been blocked. The emails are extremely persuasive because the attackers send them to the targets using quarantine[at]messaging.microsoft.com and the display name matches the target’s domain. Furthermore, the attackers embedded the official Office 365 logo and provided links to Microsoft’s privacy statement and acceptable use policy.
Once the cybercriminals obtain Microsoft credentials, they will use them to gain complete control of the accounts and access to all information. Giving threat actors Microsoft credentials implies that they will have unauthorised access to victims’ sensitive data, such as contact information, calendars, and email communications, among other things.
Phishing attacks are on the rise, so let’s take a look at some recent examples. Twitter’s removal of verification badges from several verified profiles has facilitated a massive phishing campaign. The email requests that verified users update their information in order to keep their verified status. According to ANSSI, the Nobelium APT gang based in Russia has been targeting French organisations since February. The hackers obtained the email addresses of the organisations and used them to launch spear-phishing attacks against foreign entities.
It is common knowledge that you should not click on links in suspicious emails. Despite the fact that phishing attacks are on the rise, they can be mitigated with appropriate technology and human intuition. Microsoft has been a popular target for threat actors, necessitating the implementation of strong security measures.