How did Microsoft 365 email phishing attack affect users?

A large-scale, well-organised email spoofing campaign targeted 200 million Microsoft 365 users, particularly in the financial services, healthcare, insurance, manufacturing, utilities and telecom sectors.

The cybercriminals used domain spoofing to send emails that appeared to come from legitimate microsoft.com addresses (e.g. no-reply@microsoft.com). According to Ironscales’ VP of R&D Lomy Ovadia, “the attack is comprised of a realistic-looking email that attempts to persuade users to take advantage of a relatively new Office 365 capability that allows for them to reclaim emails that have been accidentally marked as spam or phishing messages.

Once the recipients click on the link in the email copy promising to take them to a secure portal where they can review and act on the so-called quarantine messages, they will be asked to enter their legitimate Microsoft credentials on a fake authentication page which will, consequently, be harvested and most likely sold on the dark web.”

Businesses keen on preventing such Microsoft 365 phishing attacks, and domain-spoofing attacks in general, are advised to shore up their defences by configuring the email authentication protocols built precisely to block domain spoofing: SPF, DKIM and, on top of them, DMARC. Two caveats matter in practice. First, DMARC only stops a spoofed sender such as no-reply@microsoft.com when the spoofed domain publishes an enforcing policy (p=quarantine or p=reject) and the receiving mail gateway actually evaluates and honours that policy on inbound mail; publishing a record for your own domain protects other people from mail spoofing you, not your users from mail spoofing Microsoft. Second, DMARC does nothing against lookalike domains or a forged display name, so user awareness still matters, and because the goal of this campaign is credential theft, multi-factor authentication limits what a harvested password is worth.
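
The following is an added example, not code from the article, from EmailOut or from Ironscales. It shows the DMARC decision a receiving gateway makes for one inbound message: parse the DMARC record published by the From domain, check whether the SPF or DKIM result aligns with that domain, and derive the disposition. The Authentication-Results headers, the DMARC record and the domains (example.com as the receiving domain, attacker.example and rnicrosoft.example as hypothetical senders) are constructed sample data; the organizational-domain logic is simplified to the last two labels where a real implementation would consult the Public Suffix List.

```python
# Added example (not code from the article, EmailOut or Ironscales): a minimal
# DMARC evaluation for one inbound message, as a receiving mail gateway does it.
# The headers, the DMARC record and the domains below are constructed sample
# data; 'example.com' is the assumed receiving domain and 'attacker.example'
# and 'rnicrosoft.example' are hypothetical sender domains.
from email.utils import parseaddr


def parse_dmarc_record(txt):
    """Parse a DMARC TXT record such as 'v=DMARC1; p=reject; adkim=s' into a dict.

    Defaults for optional tags follow RFC 7489: relaxed alignment, pct=100.
    """
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("not a usable DMARC record: %r" % txt)
    tags.setdefault("adkim", "r")
    tags.setdefault("aspf", "r")
    tags.setdefault("pct", "100")
    return tags


def org_domain(domain):
    """Organizational domain, simplified to the last two labels.

    A real implementation consults the Public Suffix List (co.uk and similar).
    """
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(authenticated_domain, from_domain, mode):
    """DMARC identifier alignment: strict ('s') needs an exact match, relaxed
    ('r') accepts any subdomain of the same organizational domain."""
    a = authenticated_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    if mode == "s":
        return a == f
    return org_domain(a) == org_domain(f)


def parse_auth_results(header):
    """Extract SPF and DKIM outcomes from an Authentication-Results header body
    (RFC 8601), e.g. 'mx.example.com; spf=pass smtp.mailfrom=a@b.example; dkim=pass header.d=b.example'.

    Returns (spf_result, spf_domain, [(dkim_result, signing_domain), ...]).
    """
    clauses = header.split(";")[1:]  # the first element is the authserv-id
    spf_result, spf_domain, dkim = "none", "", []
    for clause in clauses:
        tokens = clause.split()
        if not tokens:
            continue
        method, _, result = tokens[0].partition("=")
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        if method == "spf":
            spf_result = result.lower()
            spf_domain = props.get("smtp.mailfrom", "").rsplit("@", 1)[-1]
        elif method == "dkim":
            dkim.append((result.lower(), props.get("header.d", "")))
    return spf_result, spf_domain, dkim


def evaluate_dmarc(from_header, auth_results, dmarc_record):
    """Return (dmarc_result, disposition) for one message.

    dmarc_result is 'pass' or 'fail'; disposition is what the gateway should do:
    'none' (deliver), 'quarantine' or 'reject'. The record passed in is the one
    published by the RFC5322.From domain (the domain being spoofed), not the
    receiving organisation's own record.
    """
    _, addr = parseaddr(from_header)
    from_domain = addr.rsplit("@", 1)[-1]
    policy = parse_dmarc_record(dmarc_record)
    spf_result, spf_domain, dkim = parse_auth_results(auth_results)

    spf_ok = spf_result == "pass" and aligned(spf_domain, from_domain, policy["aspf"])
    dkim_ok = any(r == "pass" and aligned(d, from_domain, policy["adkim"]) for r, d in dkim)
    if spf_ok or dkim_ok:
        return "pass", "none"
    # pct<100 asks receivers to apply the policy to only a sample of failing
    # mail; for clarity this example applies it to every failing message.
    return "fail", policy["p"]


# Constructed sample data. The record has the shape of a p=reject policy;
# look up the real one with: dig TXT _dmarc.microsoft.com
SPOOF_FROM = "Microsoft 365 <no-reply@microsoft.com>"
SPOOF_AUTH = "mx.example.com; spf=pass smtp.mailfrom=bounce@attacker.example; dkim=none"
LEGIT_AUTH = "mx.example.com; spf=pass smtp.mailfrom=no-reply@microsoft.com; dkim=pass header.d=microsoft.com"
REJECT_RECORD = "v=DMARC1; p=reject; pct=100"

if __name__ == "__main__":
    print("spoofed   :", evaluate_dmarc(SPOOF_FROM, SPOOF_AUTH, REJECT_RECORD))
    print("legitimate:", evaluate_dmarc(SPOOF_FROM, LEGIT_AUTH, REJECT_RECORD))
```

The spoofed message passes SPF for the attacker's own envelope domain yet fails DMARC, because neither identifier aligns with microsoft.com, and a p=reject policy turns that into a reject. Run the same function against a lookalike From domain that publishes its own passing SPF and it returns a clean pass, which is exactly the gap DMARC leaves for user awareness and MFA to cover.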
