Digital Scams: Warning of a New Phishing Strategy to Steal Microsoft Accounts

Attempts to commit Tricks are like phishing It is constantly replenished with new strategies, devised by cybercriminals so that their potential victims do not suspect, for example, a fake email.

Armoblox, which is dedicated to providing security for corporate email accounts in the cloud, has discovered a file A new way to commit this crime Identity theft from fake emails from the site we move.

The goal of this attack is Office 365 access credentials stolen (Microsoft Cloud Tools Platform) For potential victims, explain those responsible for the discovery.

fake mail. (Armoblocks)

The methodology consists of sending an email that simulates a WeTransfer message, a platform that allows large file sharing and can be used in both personal and business environments.

in the message The user is notified of the supposed receipt of some files available for download. In the event that the victim is not interested in the domain from which the mail was sent, they can trust and click on the link that says “View files”.

In this case, The user is redirected to a site pretending to be from Microsoft, with a blurred spreadsheet in the background and a fake Excel form in the foreground, where an email address and password are required to access the content.

User data theft model. (Armoblocks)

Not the minor detail is that the email field is already full of the victim field, in an attempt to generate more trust on the page.

In the event that a user who came to the site falls into the trap and turns over their data, those behind the scam will get the credentials to access all their Microsoft tools.

See also  Videos: Fireball lights up the Australian sky on Valentine's Eve

Lovell Loxley

"Alcohol buff. Troublemaker. Introvert. Student. Social media lover. Web ninja. Bacon fan. Reader."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top