New phishing attack using fake Microsoft branding

Posted by Emmanuel Marshall on 16 February 2018 12:32:58 AEDT


Zero-day phishing attack detected by MailGuard: this phishing email is designed to look like an invoice notification message from 
Microsoft Dynamics.

You can see in the screenshot above, that this is not a very well designed email scam, but the use of Microsoft’s branding makes the scam more likely to fool people.

The email contains a link labelled ‘view dynamics nav document’ that points to a fake Microsoft sign-in page.

This is actually a phishing site that collects the Microsoft login credentials of the scam victim - see screenshot below:

180216-microsoft-2.png


It should be noted that the display name shown in the scam email ‘sender’ field is Microsoft Dynamic365 but the actual sender address is microsoft@mylocustpoint.org - 
not a genuine Microsoft address. This is a clear indication that this message is not authentic.

This cyber-attack is a classic example of brandjacking - a scam format that illegally exploits the logos and trademarks of major corporations to deceive victims and persuade them to click on harmful links. 
Being such a well known and trusted company, Microsoft is an ideal brandjacking target.

If you see this message arrive in your inbox, please be sure to delete it immediately.

 

Defend Your Business


Phishing attacks can be enormously costly and destructive, and new scams are appearing every day. Scammers can use the login credentials they steal to hack into a whole company's computer system. Don’t wait until it happens to your business; take action to protect your company from financial and reputational damage, now.

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates

 

 

  

Topics: Phishing Zero Day Microsoft scam scam emails brandjacking Threat Update

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all