"Microsoft Office 365 Sign-In Activity" Phishing Scam

Comments: 1
Views: 546
Save
Updated: Jul. 12, 2019 2019-07-12T20:18:07
Posted: Jul. 12, 2019 2019-07-12T20:16:25

Microsoft users are asked to delete fake "Microsoft Office 365 Sign-In Activity" email messages like the one below. The fake email messages are being sent by cybercriminals to frighten and trick the recipients into clicking on the link within them. The link goes to a phishing website or a fake website looking like Microsoft’s website, created by cybercriminals to trick potential victims into signing in. But, any attempts to sign into the fake website, will result in the victims’ Microsoft account usernames and passwords being sent to cybercriminals.

The "Microsoft Office 365 Sign-In Activity" Phishing Scam

From: Microsoft <msa@communication.microsoft.com>

Sent: Tuesday, July 9, 2019 9:52 AM

Subject: Microsoft Office 365 Sign-In Activity

Make business tasks easier | View it online

Microsoft Office 365 Sign-In Activity

Microsoft takes securing your email service seriously, your mail servers reported unusual email activity we'd like you to address, click to view reports below

View Report

<hxxp://ecyclingusa.com/wp-includes/js/dist/vendor/>

Run and grow your business with these apps

Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.

Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steals account credentials.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search

engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Would you share this article with others? +

Yes (0)
No (0)

Donate Help maintain Online Threat Alerts (OTA).

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

July 23, 2019 at 7:57 PM by info
"From: Service Alert 365Team@updateonline - verification update noreply_support_message-notification-center <Patrick@widefi.com>
Sent: Tuesday, July 23, 2019 4:11 PM
Subject: Unexpected Sign-in .:kyeung@vantiq.com
Hi,
We noticed something about a recent sign-in on Tuesday, 23 July 2019. For example, you might be signing in from a new location, device, or app.
To help keep you safe, we've restricted access to your inbox, contacts and calendar for that sign-in. Please review your recent activity and we'll help you take corrective action.
REVIEW SIGN-IN
Copyright 2019 . All Rights Reserved."
Here is another scam.
remove