New Office 365 Phishing Email Threat

Tread cautiously if you have received a notification from Microsoft with “Spam Notification” in the subject line. It appears to be notifying you that you have received spam, although it is the newest attempt in a long line of phishing scams. The goal of this attack is to have you enter your Microsoft Office 365 credentials that can be used in future attacks.

MailGuard security researchers discovered the phishing campaign which contains convincing subject lines prompting the user to review emails in their security quarantine. Upon clicking “Review”, the user is taken to a convincing website, with a “Session Expired” message. The page also contains login fields to enter credentials, seemingly so the quarantine list can be accessed. By entering usernames and passwords into these fields, users are giving the cyber criminals their Office 365 credentials for future criminal activity.

If your organization uses Microsoft Office 365, be sure to educate your users on this threat.