ESET Ireland warns Irish businesses to pay attention to a fraudulent email phishing for login details to Microsoft Office 365.
The email pretends to come from the “Azure team” of Microsoft Office 365 and claims that the potential victim’s subscription will be disabled unless they “update their information”.
Once clicking on the “Update account information” link, they’re taken to a convincing-looking fake Microsoft sign in page which is hosted on Azure, Microsoft’s cloud computing platform.
The page is SSL secured, adding an apparent layer of legitimacy to the scam
and the URL will seem somewhat legitimate due to the “windows.net” and green padlock icon.
Although the URL has a green padlock, its name is a dead giveaway and users should familiarise themselves with how their regular Office 365 login looks.
After being prompted to enter their login details, the password is rejected and the user is asked to reset it.
But actually, once the credentials are submitted, the page uses HTTP method POST to send data to another web address where the cybercriminals behind the scam are likely collecting the recovered logins.
The scam can be particularly dangerous for businesses, as employees that don’t recognise it for what it is in time could hand over their login details, which could end up disrupting their work, compromise their data and cause financial and reputation damage to the company.
ESET Ireland recommends not clicking on links in any such emails and alerting co-workers to the dangers of convincing-looking phishing pages.
written by Ciaran McHale and Urban Schrott, ESET Ireland