Select Page

This piece is a direct hit with the Microsoft 365 Nation community. Why? Because say what you must but email is THE central experience for most users in the 365 world. Look at your user’s keystrokes and you’ll see that days start and end with email. So that’s why contributor Denis Wilson’s blog below on undelivered mail notification is spot on.

A new way to get you to hand over sensitive information?

Hackers are always on the lookout for new ways to freshen up time-tested techniques. Where time-tested techniques are concerned, few are older than the humble phishing email.

In one form or another, it seeks to trick an unsuspecting user to innocently hand over sensitive information, like usernames and passwords that the hacker can then use later for any purpose.

The latest variant on the phishing attack

This is an old chestnut that sends what appears to be a legitimate email, politely informing the user that they’ve received a number of confidential emails that are currently being held for them on a server.  They’re given the choice to either refuse these messages, accept them, or delete them.

This is a case, however, of all roads leading to the same destination.  Whichever linked option is chosen, the user will be routed to a mock-up of a Microsoft Outlook login screen where the user will be prompted to enter his or her credentials.  As you might suspect, there are no actual emails, and the only purpose this box serves is to capture the information for later use.

If there’s a silver lining to this attack, it is that all of the samples that have been collected so far have the faux login box hosted on a hacked domain.  Careful users will quickly note that they haven’t been taken to Microsoft’s domain and the game will be up.

Unfortunately, ‘careful’ does not describe the vast majority of internet users, and this ploy has already taken in its fair share of victims.

Our perspective

Make sure your IT staff is aware of this latest iteration in the ongoing evolution of the phishing email.

Read more HERE.

This community is underwritten and supported by the Fortinet MSP partner program. Thank you!