MICROSOFT is warning Office 365 users about an email scam that could steal your passwords.
The widespread phishing scam is said to be after usernames and passwords, which could see you getting hacked.
1
The email scam involves a message which encourages you to click on a link that takes you to a fake login page.
Victims then enter their login details and have them stolen.
The attack involves a sales and marketing tool called ‘open redirects’, which can be manipulated to take people from a trustworthy website to a malicious one.
The Microsoft 365 Defender Threat Intelligence Team said: “Attackers could abuse open redirects to link to a URL in a trusted domain and embed the eventual final malicious URL as a parameter.
“Such abuse may prevent users and security solutions from quickly recognizing possible malicious intent.”
It added: “Once recipients hover their cursor over the link or button in the email, they are shown the full URL.
“However, since the actors set up open redirect links using a legitimate service, users see a legitimate domain name that is likely associated with a company they know and trust.
“We believe that attackers abuse this open and reputable platform to attempt evading detection while redirecting potential victims to phishing sites.
“Users trained to hover on links and inspect for malicious artifacts in emails may still see a domain they trust and thus click it.”
Microsoft has said over over 350 unique phishing email domains have been used in the scam so far.
Sometimes the hackers made the email look like an invite to a Zoom meeting or a spam email alert.
Open redirect scams aren’t new and have been used to target many email account providers before.
However, Microsoft was said to notice its users being targeted and decided to put out a new warning.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
Apple’s new ‘Hide My Email’ feature can kick spammers out of your inbox
In other news, Apple’s latest iOS 15 software could be released worldwide as soon as next month.
WhatsApp is working on a feature that could see your messages disappear after 90 days.
And, Twitter is having to make changes to its redesign of the app after users complained about headaches and migraines.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
