Beware of OnMicrosoft.com Office 365 Malicious and Spam Emails
September 22, 2015
Spammers, scammers or cyber-criminals are abusing Microsoft Office 365 by sending spam and malicious email messages from it, which they will use to trick their potential victims into sending them their money, personal and financial information, or clicking on links that will take them to malicious websites that will infect their computers with viruses, Trojan horse or other malware. Microsoft Office 365, often referred to as Microsoft 365 or Office 365, is a web-based version of Microsoft Office Suite.
Please continue reading below.
How are Scammers Using Microsoft Office 365?
Spammers, scammers and cyber-criminals are signing up for Office 365 accounts, creating email addresses and websites, and are using them to send spam and malicious email messages to their potential victims.
Here is an example:
The following fraudulent email message was sent to a potential victim; luckily she sent it to us to determine if it is legitimate:
Subject: Attn:This Is My Second Email, Please Respond
From: Ahmed Mohamed Ahmed01@lawoffice2013 .onmicrosoft.com
The cyber-criminals responsible for the fraudulent email, created a website name or subdomain under “onmicrosoft.com” called “lawoffice2013”. The website or subdomain name looks like the following:”lawoffice2013.onmicrosoft.com”
Then they created the email address “Ahmed01@ lawoffice2013.onmicrosoft.com” from the website or subdomain name. Once the email address has been created, they then send the spam and malicious email message above from it.
Cyber-crooks are using different website or subdomain names, so look out for suspicious email messages that are sent from email addresses ending with “onmicrosoft.com.” A lot of recipients of the spam and malicious email messages sent from Microsoft Office 365 or OnMicrosoft.com accounts created by scammers, cyber-criminals or spammers, will think the email messages are legitimate, because they are coming from “onmicrosoft.com,” which is owned and operated by Microsoft.
So, recipients of suspicious email messages that are sent from onmicrosoft.com or other email addresses, should never click on links in the suspicious emails to sign into their online accounts, should never send money or their personal information if they are asked to do so by suspicious emails, and should never respond to suspicious email messages.
Please share with us what you know or ask a question about this article, by leaving a comment below. And, forward malicious email messages to us using the following email address: email@example.com .
Alert and help your family and friends by sharing this article with them: