Posted by Milan Tesanovich, TCC Security Analyst
Recently, one of our employees received an email purporting to be from Microsoft Corporation. The email informed the employee that a Microsoft Online (Office 365) account had been created or modified for that person.
The email is designed to get the target to click on the link highlighted in its body, ostensibly to be taken to a website to either activate the account or set a new password. An example of such an email is below.
This scam targets people who, the scammers are betting, have created a Microsoft Office 365 account. It is insidious because it uses the legitimate microsoftonline.com domain in parts of the email, and those valid Microsoft domains can lull a user into believing the whole message is legitimate.
Don’t be fooled; the crux of the scam is spoofing the legitimate onmicrosoft.com domain. The scammer substitutes a bogus domain for the legitimate one, and that bogus domain is where you will be taken if you click on the spoofed link: [XYZ_User]@XYZCompany.onmicrosoft.com.
A scammer set up a valid MS Office 365 account in the employee’s name and is spear phishing that employee. You can read more about this scam here: https://www.onlinethreatalerts.com/article/2015/9/22/beware-of-malicious-and-spam-emails-from-onmicrosoft-com-microsoft-office-365/
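A mail filter or analyst can check for the mismatch described above, where a link's visible text names a Microsoft domain while its real destination is a different host. The following is an added example, not code from TCC or Microsoft; the trusted-suffix list, the sample HTML body and the `bogus-host.example` placeholder are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: suffixes this example treats as genuine Microsoft sign-in domains.
TRUSTED = ("microsoftonline.com", "onmicrosoft.com", "microsoft.com")
DOMAIN_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
# Constructed sample body; bogus-host.example is a placeholder, not an indicator.
SAMPLE = """
<p>An account was created for you. <a href="https://login.microsoftonline.com/">Sign in</a></p>
<p>User name: <a href="http://bogus-host.example/reset">XYZ_User@XYZCompany.onmicrosoft.com</a></p>
<p><a href="https://login.microsoftonline.com.bogus-host.example/">login.microsoftonline.com</a></p>
"""

def is_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED)

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html_body):
    """Return (visible text, real host) for links that name a trusted domain but lead elsewhere."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    findings = []
    for href, text in collector.links:
        parts = urlsplit(href)
        if parts.scheme not in ("http", "https"):
            continue  # mailto: and similar are not web destinations
        host = (parts.hostname or "").lower()
        names_trusted = any(is_trusted(d) for d in DOMAIN_RE.findall(text))
        if names_trusted and not is_trusted(host):
            findings.append((text, host))
    return findings
```

Matching on a leading dot plus the suffix is what keeps a host such as `login.microsoftonline.com.bogus-host.example` from passing as a Microsoft domain.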
Please be wary of such emails.