MailGuard have identified and successfully blocked an email phishing attack targeted at recipients using Microsoft’s Outlook Web Application (OWA).
Here is a screenshot of the type of email to watch out for:
Aside from some informal language, this is a rather convincing phishing email.
In this particular variation, recipients who click through to “verify [their] email box account” and access their pending emails are directed to a bogus page that resembles the Microsoft OWA login interface.
This attack can leave recipients particularly vulnerable, as they may have had an existing OWA session open in another tab and not cross-checked the URL field, which would have revealed that this is a phishing scam.
As you can see in the example above, there are a few immediate signs that this landing page is a scam.
Upon entering their user name, email and password, the victim is redirected to the following page indicating successful form completion.
The cyber criminal team responsible for the phishing attack can now use the stolen credentials to hijack the victim’s Microsoft account, alongside any other accounts which use the same login credentials.
As a precaution, we urge you to delete emails that:
Educating staff and employing cloud-based email filtering and web filtering, complemented by multilayered defences including desktop antivirus, anti-malware and anti-spyware, will go a long way to mitigating the risk from a wide range of email scams.
Microsoft® and Outlook® are registered trademarks of Microsoft Corporation in the United States and/or other countries.