Your IT Consultant

Office 365 Users Beware – New Phishing Campaign Underway

May 29, 2019

As Office 365 gets more popular, users are targeted more often. The latest attack on Office 365 users pretends to be a “File Deletion” alert purporting to come from the Office 365 Team. The email message states that a medium-security alert has been triggered due to an unusual volume of file deletions. If you click on the “View alert details” link, you will go to a fake Microsoft account login page. The bad guys want you to fill out the fake login form so they can capture your account credentials. If you are foolish enough to fill in the blanks, you will be redirected to the correct login page where you will have to “login” again.

Bleeping Computer has posted the details about the attack. The fake login page is hosted on Microsoft’s Azure servers, which is secured by a Microsoft certificate and appears to be a Microsoft-sanctioned URL. As a practice tip…Microsoft and Outlook.com logins will only come from microsoft.com, live.com or outlook.com domains.

Email:   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com