24/12/2021
Phishers convincingly mimic Microsoft messaging to trick users
Criminals are using authentic-looking messages to get recipients to review allegedly misfiled spam — then harvest their credentials.
According to public reports, a new phishing campaign is targeting Microsoft customers with a seemingly reasonable request to review a quarantined message that was classified as spam. The scammers send messages from quarantine[at]messaging.microsoft.com, and the display name they use matches the recipient’s domain. The message includes an Office 365 logo and official Microsoft links to lend credibility. The only immediate signs it’s a fake are a few extra spaces in the text and some uneven formatting.
If a user clicks the link, it redirects them to a password-stealing page. Scammers who have a user’s e-mail address and password may later use them for identity theft or other criminal activity.
To avoid falling victim to phishing:
• Don’t open links in suspicious or unexpected e-mails.
• Don’t enter your credentials on the pages that e-mail links open. It’s safer to log in the way you normally do — in an app or on a website you open by typing its URL — and then check whether you have pending notifications.
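For mail administrators, the display-name trick described above can be checked mechanically. The following is an added example, not code from the report: it flags a message whose From display name contains the recipient's domain while the sending address belongs to a different domain. The recipient domain `example.com`, the function names and both sample messages are constructed for illustration.

```python
from email import message_from_string, policy

def same_org(sender_domain, rcpt_domain):
    """True if the sender address is on the recipient's domain or a subdomain of it."""
    return sender_domain == rcpt_domain or sender_domain.endswith("." + rcpt_domain)

def display_name_mismatches(raw_message):
    """Return (display_name, sender_address, recipient_domain) for suspicious From headers."""
    # policy.default gives structured address headers and decodes RFC 2047 display names.
    msg = message_from_string(raw_message, policy=policy.default)
    rcpt_domains = set()
    for name in ("To", "Cc"):
        for header in msg.get_all(name, []):
            rcpt_domains.update(a.domain.lower() for a in header.addresses if a.domain)
    findings = []
    for header in msg.get_all("From", []):
        for sender in header.addresses:
            shown = sender.display_name.lower()
            sender_domain = sender.domain.lower()
            for rcpt_domain in sorted(rcpt_domains):
                # The display name claims the recipient's domain, the address does not.
                if rcpt_domain in shown and not same_org(sender_domain, rcpt_domain):
                    findings.append((sender.display_name, sender.addr_spec, rcpt_domain))
    return findings

# Constructed sample: display name imitates the recipient's own domain.
SPOOFED = """\
From: "example.com" <quarantine@messaging.microsoft.com>
To: alice@example.com
Subject: Quarantined message awaiting review

Review your quarantined message.
"""

# Constructed sample: same display-name style, but sent from the recipient's own domain.
INTERNAL = """\
From: "example.com IT" <helpdesk@mail.example.com>
To: alice@example.com
Subject: Maintenance window

Scheduled maintenance tonight.
"""

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("internal", INTERNAL)):
        print(label, display_name_mismatches(raw))
```

A hit here is a triage signal for a mail filter or an analyst, not a verdict: legitimate third-party services that send on an organisation's behalf can produce the same pattern.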