"Office 365 Mail-Box Account Update" Phishing Scam

Comments: 0
Views: 318
Save
Updated: Apr. 29, 2018 2018-04-29T12:18:00
Posted: Apr. 29, 2018 2018-04-29T12:13:36
Online Threat Alerts (OTA)

The "Office 365 Mail-Box Account Update" email message below, which claims that the recipients need to update their accounts to help fight against spam and prevent permanent email malfunction, is a phishing scam. The fake email message is being sent by cyber-criminals to steal the recipients’ account username and password. Once cyber-criminals have gotten their victims’ account credentials, they will hijack their accounts and use them fraudulently. So, recipients of the fake email message and others like it should delete them and never attempt to click on the links or follow the instructions in them.

Recipients of the same message who have already followed the instructions in it should change their email account's password immediately before their accounts are hijacked and used fraudulently.

The "Office365 Mail-Box Account Update" Phishing Scam

From: Support Team <liisa.hannuksela@samk.fi>

Sent: Friday, April 27, 2018 8:17 AM

Subject: Mail-Box Account Update

Dear- Office365 User,

We are presently fighting against spam messages due to large amount of spam mail, we updated our system firewall kindly protect your security level by updating your account below.

UPDATE ACCOUNT NOW

Note: All office365 user must update their account to prevent permanent Email malfunction.

Thanks,

Microsoft 2018 Service

The link in the fake email message goes to a fake Office 365 website. On the fake website, visitors will be asked to sign-in, if they attempt to do so, their email usernames and passwords will be sent to the cybercriminals responsible for the phishing email message. Once the cybercriminals have gotten their potential victims Microsoft account credentials, they will gain access to their accounts, hijack the accounts by changing passwords, and use the accounts fraudulently.