The Unusual Activity Would be the Warning Itself

BleepingComputer has come across a phishing campaign that’s spoofing “Unusual sign-in” warnings from Microsoft to steal users’ credentials. The emails look nearly identical to Microsoft’s real email alerts, and the sender address is the same as Microsoft’s legitimate account security email address.

The link to review the suspicious activity takes users to a phishing site that convincingly imitates Microsoft’s login page. If a user enters their credentials, they’ll be redirected to an error page on a real Microsoft site.

Our friend Larry Abrams at BleepingComputer explains that it’s important that users know not to trust the sender address field. While the sender’s address should be scrutinized for irregularities, the absence of errors doesn’t mean the email is safe.

“While some users may have felt that the emails are safe because they are coming from a legitimate Microsoft email address, it is always important to remember that the From email address can always be spoofed to be from any account an attacker wants,” Abrams writes. “Therefore, even if a phishing email looks legitimate, it is important to pay attention to the URLs of the landing pages before entering your login credentials in a displayed login form.”

Many people don’t know how easy it is to spoof an email’s sender address field, so they implicitly trust emails that appear to come from a familiar address. Even careful recipients who examine the address for typos can fall for this social engineering trick.

Most phishing attacks do contain warning signs that can be spotted by observant users, however. In this case, the phishing site’s URL reveals that the page is actually on a subdomain of dvnv6[dot]net, and the site wasn’t using HTTPS, so it would have been flagged as suspicious by the browser.

It’s worth noting, though, that the attacker could have easily made this campaign more convincing by hosting the site on Microsoft Azure, which would have given it a windows.net domain with an SSL certificate issued by Microsoft. New-school security awareness training can teach your users how to verify the legitimacy of emails and links, and when to avoid them altogether.
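The link checks described above can be automated for mail triage. The sketch below is an added example, not code from BleepingComputer or Microsoft: it ignores the From header and judges a message only by where its links lead. The allowlist of sign-in hosts, the sender address, the subdomains and the paths are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the exact hosts this organisation accepts for Microsoft sign-in.
EXPECTED_LOGIN_HOSTS = {"login.live.com", "account.live.com",
                        "login.microsoftonline.com"}
# Shared hosting: anyone can get a name and a valid certificate under these.
SHARED_HOSTING_SUFFIXES = (".windows.net",)

# Constructed message. Sender, subdomains and paths are placeholders; the
# first link uses the domain named in the article with a made-up subdomain.
SAMPLE_EMAIL = """\
From: Microsoft account team <account-security@sender.example>
Subject: Unusual sign-in activity

Review recent activity: http://signin.dvnv6.net/review
Mirror: https://acctreview.blob.core.windows.net/login/index.html
Settings: https://account.live.com/activity
"""

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def check_link(url):
    """Return the reasons a link should not be trusted (empty list = ok)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    reasons = []
    if parts.scheme.lower() != "https":
        reasons.append("not HTTPS")
    if host not in EXPECTED_LOGIN_HOSTS:  # exact match, never a suffix match
        reasons.append("host not an expected sign-in host")
    if host.endswith(SHARED_HOSTING_SUFFIXES):
        reasons.append("shared hosting; certificate says nothing about owner")
    return reasons

def triage(raw_email):
    """Judge a single-part plain-text message by its links, not by From."""
    msg = message_from_string(raw_email)
    sender = parseaddr(msg.get("From", ""))[1]  # reported only, never trusted
    findings = {u: check_link(u) for u in URL_RE.findall(msg.get_payload())}
    return sender, findings

if __name__ == "__main__":
    sender, findings = triage(SAMPLE_EMAIL)
    print("From (spoofable, ignored):", sender)
    for url, reasons in findings.items():
        print(url, "->", "; ".join(reasons) or "ok")
```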

BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/beware-of-fake-microsoft-account-unusual-sign-in-activity-emails/

Find out how affordable new-school security awareness training is for your organization. Get a quote now.

