Scammers running a phishing website for Office 365 credentials added live support to strengthen the illusion of legitimacy needed to trick victims. This particular Office 365 phishing fraud starts with an email impersonating a Microsoft alert about renewing the subscription for the Office suite of services. When a potential victim fails to log into their Office 365 account on the fraudulent website, they can turn to the customer support service, which is conveniently visible on the page.
Scammers are getting very crafty now! Keep an eye out for this.
“This is an example of advanced spear phishing—attackers masquerade as a legitimate and well-trusted company in an attempt to defraud unknowing targets. Using Microsoft’s live chat support to extract information is particularly cunning. Most targets won’t suspect that the Microsoft page is not legitimate, and will therefore not be suspicious when asked to disclose personal information with the ‘support agent.’ This is not the first time we’ve seen productivity tools being exploited to defraud unwitting targets. Recently, we reported in our blog that attackers have started to use Microsoft Forms to bypass security systems and extract data from users.
The overall lesson is that users have to be educated on the different and ever-evolving forms of phishing scams, and security solutions need to be able to adapt and evolve to sophisticated threats.”
“Cybercriminals seem to have refined their social engineering skills, and this phishing campaign is the latest demonstration of just how resourceful and creative fraudulent operations can be. Although it might be easy to trust a website that features a live chat support function, users should still follow the best practices of looking at the sender’s email address, checking websites’ URLs before clicking on links, and avoiding disclosing personal information such as telephone numbers and email addresses to anyone. Ultimately, educating the general public about the risks that can come through their email inbox is still the best tool to ensure the reduction of these kinds of attempts: every successful harvest of data, financial information and capital serves as an incentive to cybercriminals.”