
Phishing emails are very popular tools for cybercriminals. They send them out relentlessly, hoping that their casted nets are big enough to reel in a few victims here and there.
As usual, these opportunistic scammers craft emails and websites that look like the real deal. Recognizing these fake messages can be difficult to the untrained eye.
Take this new attack, for example. All it takes is a careless click and these criminals can take over your entire Office 365 account! Read on and see all the characteristics of this attack so you won’t be the next victim.
New Office 365 phishing attack
A new phishing attack has been spotted and it is designed to steal Microsoft account credentials by sending out emails that look like email non-delivery notifications from Office 365.
Here’s an image of the attack so you’ll know what to look for:
The campaign was discovered by security researcher Xavier Mertens while reviewing the recent data collected by his email “honeypots.” Note: A honeypot is a decoy computer or email account used by experts to lure and trap malware or spam attacks.
It starts with an email that pretends to be a non-delivery receipt from Office 365 saying that Microsoft found several undelivered messages in your account.
Conveniently enough, the phishing email comes with a “Send Again” button which then pulls up a phishing page that looks exactly like the real Office 365 login tool.
Disclaimer
The information contained in South Florida Reporter is for general information purposes only.
The South Florida Reporter assumes no responsibility for errors or omissions in the contents of the Service.
In no event shall the South Florida Reporter be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other tort, arising out of or in connection with the use of the Service or the contents of the Service. The Company reserves the right to make additions, deletions, or modifications to the contents of the Service at any time without prior notice.
The Company does not warrant that the Service is free of viruses or other harmful components