Over 5,000 Advanced Phishing Emails Masquerading as Microsoft Messages Discovered – Urgent Cybersecurity Warning for Businesses

In the technology sector, Microsoft is one of the most imitated companies by hackers. Now, cybersecurity researchers from Email & Collaboration Harmony Check Point announce that they have found more than 5,000 emails masquerading as Microsoft messages last month. The emails use highly sophisticated obfuscation techniques, making it almost impossible for users to distinguish them from legitimate communications. The impact on businesses is significant, as email compromises can lead to email account takeovers, ransomware, data theft or other negative consequences.

The spoofed Microsoft emails do not come from private or unknown domains – usually a sign that a message is a threat. Instead, the emails appear to come from organizational domains pretending to be legitimate administrators. The body of an email usually contains a fake login page or portal, where malicious content may be hidden. An unsuspecting user can easily click this and enter sensitive information or download malicious content.
To hide the malicious intent of these emails, cybercriminals use deceptive methods. For example, some emails include copied and pasted statements about Microsoft’s privacy policy, which adds to the authentic look and feel. Other emails contain links to Microsoft or Bing pages, making it more difficult for traditional security systems to identify and effectively mitigate these threats.

example

In the email below, a cybercriminal hijacked Microsoft email and impersonated a corporate administrator of an organization and sent a (fake) email on behalf of the administrator. The email appears to be credible. In particular, the style of the email is very similar to messages received by users in general.