Office 365, watch out for scam: millions of users in danger, here’s why

The scam alarm is raised among users of Office 365due to a massive phishing campaign that is putting the personal and business data of millions of people around the world at risk. Thanks …

Windows 10, problems after updates: which functions are compromised and when Microsoft will intervene


The scam alarm is raised among users of Office 365due to a massive phishing campaign that is putting the personal and business data of millions of people around the world at risk. Thanks to consolidated social engineering techniques, the cybercriminals responsible for the fraud exploit ad hoc emails to be able to extort valuable information such as access codes and banking credentials from the victims.

The e-mail messages are created with great precision, following in every way the official communication methods traditionally used by Microsoft: thanks to the logos and fonts delivered in an almost perfect way, the target in question, especially if not used to dealing with this type of online scam, falls into the trap without realizing it. Malicious links are inserted in the emails which, once clicked by the user, transfer to fictitious login pages or directly to an apparent payment site: the aim is to take possession of the data entered by the victim and then reuse them later moment.

Among the main characteristics of this fraud is, as mentioned, the great attention paid to attention to detail of web pages recreated by cybercriminals. The second winning point is the use of totally legitimate domains: the authors of the scam, therefore, manage to exploit domains that appear reliable to the user and are able to overcome the protection of any anti-spam filters. Traditionally used security systems, therefore, are circumvented through the exploitation of very sophisticated evasion techniques.

Thanks to these strengths identifiable in their strategy, cybercriminals can therefore succeed, in the event that the target inserts their sensitive data into the fictitious page, to steal the identity of the victim, his money, access to his email inbox and everything that follows, such as the possibility of extending the scam to other contacts in the address book.

How can you protect yourself from scammers? The first piece of advice is always to check the sender and the content of the email very carefully, always and under any circumstances avoiding clicking on link inserted inside it.

It is also a good idea to always be updated on new frauds circulating on the web, update IT security systems such as firewalls and antiviruses, keeping them up to date with the times and use the two-factor authentication system everywhere, even on your Microsoft account.