Attackers Impersonate Microsoft Services To Target Customers

Attackers are actively impersonating Microsoft services to target customers with Microsoft, Office 365, Outlook, and OneDrive accounts.

The campaign was discovered by a security researcher, MalwareHunterTeam. According to the researcher, attackers could fake the custom branding and web hosting features to host static landing phishing sites.

Misused platforms include Microsoft Azure’s Static Web Apps which is used to steal Microsoft, Office 365, Outlook and OneDrive credentials.

While the fake landing pages can be used to scam Microsoft customers, they could also be used to target users of other platforms such as Rackspace, AOL, Yahoo and other email providers.

Users are often advised to check URLs when prompted to fill in their account details in a login form.

However, this advice is almost pointless in this scenario, as users are deceived by the azurestaticapps.net subdomain and the valid TLS certificate.

For more information, read the original story in BleepingComputer.

Attackers Impersonate Microsoft Services To Target Customers

Top Stories

QuitGPT: OpenAI faces consumer backlash after DoD deal

Bell, Telus withdraw CRTC complaints over network sharing

eBay cutting 800 jobs amid strategic realignment

U.S. Pentagon presses Anthropic to lift AI use restrictions

Canada ‘disappointed’ as OpenAI fails to offer new safety protocols after B.C. school shooting

Amodei says Anthropic had Claude before ChatGPT

Related Articles

OpenAI CEO Altman says Pentagon deal was rushed

QuitGPT: OpenAI faces consumer backlash after DoD deal

Researchers identify thousands of live Google API keys with Gemini access

Bell, Telus withdraw CRTC complaints over network sharing

TND Newsdesk

TND Newsdesk

Jim Love

Follow Us

Popular categories

Tech News Delivered