Microsoft 365 Login Pages May Hide Phishing Attack

Published Date : May 22, 2020

3.03K

Major Highlights

Microsoft 365 was recently released and offers several useful tools including Powerpoint, Excel, and much more.
Security experts at Microsoft have warned that Microsoft 365 and Azure cloud platform are being exploited by cybercriminals for phishing attacks and other online scams.
One of the most recent phishing attacks identified by Microsoft researchers was found utilizing infected email alerts. The scam mainly aims at tricking innocent users into sharing their private and confidential information which can then be used for criminal activities and identity theft.

Microsoft Phishing Scam | All You Need to Know

As per a recent tweet by Microsoft, cyber hackers are turning and utilizing the Azure AD sign-in page into various phishing programs and campaigns. A spokesperson from Microsoft claimed that they have already identified several phishing sites used in the attack.

Earlier in March Microsoft announced the re-branding of Office 365 which will be known as Microsoft 365 and will focus more on personal and individual users. Post which Microsoft upgrades its customer-centric approach by adding new Personal and Family plans in April. Apart from this Microsoft 365 also offered few advanced tools and updates to its users.

Further in April it also started working on the new sign-in process called Azure AD which aimed at cutting on the bandwidth usage which is required to access the service.

Due to the coronavirus pandemic outbreak on a global scale, millions of people have been forced to work at home under lockdown situations which resulted in a great spike in the usage of Microsoft 365.

With the ever-increasing global demand, Microsoft 365 has always been a highly lucrative platform for hackers. Its massive user base serves as a ready platform for carrying out phishing attacks and hacking campaigns.

One of the most recent attacks that security experts have identified is found exploiting Microsoft 365 for carrying out phishing campaigns. Counterfeit emails were being utilized to spoof Microsoft Teams audio chat alerts and files share, we have identified over 50,000 infected emails so far, a spokesperson at Microsoft Stated.

What is Azure AD?

Commonly known as Azure Active Directory, Azure AD is a cloud-based service. It is a well-known identity and access management platform which allows users to sign in into various enterprise-level applications and systems.

What is Microsoft Teams?

Effective communication is the key to success for any business and organization and that is exactly what Microsoft Teams aims to provide. It is a collaborative offering from Microsoft and comes loaded with several useful features like video conferencing, text chat, and voice calls. It is a perfect mix of extensive text chat facilities and powerful HD video conferencing.

With Cyber Security threats increasing at a rapid pace, we must stay vigilant while making use of technology to reduce the risk of being a victim of identity and data theft.

Prachi Dani

Prachi Dani is a technical content writer who specializes in areas of science and technology. She is highly up to date with technological transitions and transformations. Writing is not her passion but the only thing that carries satisfaction in life. If not writing, you may find her engrossed playing action games on her treasured smartphone.