Home » Technology » Over 5,000 Advanced Phishing Emails Masquerading as Microsoft Messages Discovered – Urgent Cybersecurity Warning for Businesses

Over 5,000 Advanced Phishing Emails Masquerading as Microsoft Messages Discovered – Urgent Cybersecurity Warning for Businesses

In the technology sector, Microsoft is one of the most imitated companies by hackers. Now, cybersecurity researchers from Email & Collaboration Harmony Check Point announce that they have found more than 5,000 emails masquerading as Microsoft messages last month. The emails use highly sophisticated obfuscation techniques, making it almost impossible for users to distinguish them from legitimate communications. The impact on businesses is significant, as email compromises can lead to email account takeovers, ransomware, data theft or other negative consequences.

The spoofed Microsoft emails do not come from private or unknown domains – usually a sign that a message is a threat. Instead, the emails appear to come from organizational domains pretending to be legitimate administrators. The body of an email usually contains a fake login page or portal, where malicious content may be hidden. An unsuspecting user can easily click this and enter sensitive information or download malicious content.
To hide the malicious intent of these emails, cybercriminals use deceptive methods. For example, some emails include copied and pasted statements about Microsoft’s privacy policy, which adds to the authentic look and feel. Other emails contain links to Microsoft or Bing pages, making it more difficult for traditional security systems to identify and effectively mitigate these threats.

example

In the email below, a cybercriminal hijacked Microsoft email and impersonated a corporate administrator of an organization and sent a (fake) email on behalf of the administrator. The email appears to be credible. In particular, the style of the email is very similar to messages received by users in general.

“We can no longer think of email from (business) communication, it has become an essential tool. That’s the bottom line: email is a popular target for cybercriminals. 90 percent of cyber attacks start with email. That’s a huge share,” said Zahier Madhar, a security engineer at Check Point Software. “So companies need to prevent malicious emails from reaching end users’ inboxes. information, known and unknown phishing attempts detected and blocked before they reach users.”“But the examples of spoofed and highly credible Microsoft emails are also a warning that we must continue to pay attention to extensive training and be vigilant to stay ahead of threats. Just like in the example, these types of phishing attacks are uniquely sophisticated and difficult to distinguish from legitimate email.

2024-10-08 01:01:29
#Check #Point #software #detected #fake #Microsoft

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.