Home >  Blog >  NEW EMAIL PHISHING THREAT TARGETS MICROSOFT 365 USERS

NEW EMAIL PHISHING THREAT TARGETS MICROSOFT 365 USERS

Posted by Michael Goodwin on 19 July 2023
NEW EMAIL PHISHING THREAT TARGETS MICROSOFT 365 USERS

Mailguard is a world leader in email security, and the email security solution we use and recommend at Loyal I.T. Solutions. They recently published this information about attacks on Microsoft 365 users. We believe this information is so important that we have shared their original blog.

"We recently defended against this new email phishing threat targeting Microsoft 365 users. The email is entirely in the form of an image in an attempt to bypass anti-spam text classifiers. The email claims that the recipient’s password has expired and provides a link to a fake login page that closely emulates the official Microsoft 365 login page.  

Clicking the link brings the recipient to a landing page requesting login credentials. Attempting to login with false credentials returns an error, indicating that the attacker is actually proxying the request across. The next step would likely be to input a 2FA token, giving the attacker full access to the account.

Please be careful when you receive emails claiming that your password has expired, and always verify the authenticity of any login pages before you enter your credentials. If you receive a suspicious email, do not click on any links or enter any personal information. Instead, please report the email to your IT department for further investigation and recommend MailGuard to help prevent future phishing attempts.

MailGuard urges users not to click links or open attachments within emails that:

  • Are not addressed to you by name. 
  • Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.
  • Are from businesses that you were not expecting to hear from, and/or
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.

Many businesses turn to MailGuard after an incident or a near miss, often as a result of an email similar to the one shown above. If unwanted emails are a problem for your business, don’t wait until it’s too late.  

One email is all that it takes

All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business." mailguard.com.au

Michael GoodwinAuthor:Michael Goodwin
About: Michael Goodwin began his career in Information Technology in 1992 and he brings a wealth of experience to his is current venture - Loyal I.T. Solutions. Based on the NSW Central Coast, Loyal IT Solutions services businesses large and small from Sydney to Newcastle.
Connect via:LinkedIn
Tags:Computer hardwareSecurityITNetworking SecurityEmailmailguard

Log a Job
Or an Enquiry

help@loyalit.com.au

Loyal IT
Latest news

21 November 2024
Bringing Mental Health to the Table – Our Big Blue Table Event Last Friday Loyal I.T. proudly hosted a Big Blue Tab...
Read All Latest News

Our Clients
say

Michael, thank you so much for your patience and professionalism.

Dr. Jackie Amparo
Read All Testimonials

Resources Helpful
fact sheets

Download Our Fact Sheets

Sign Up for Newsletter