Attacker uses an Office 365 site to steal user credentials

VPN ยป Security

Reading time icon 2 min. read

Calendar icon Updated on

by Don Sharpe 

updated on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Key notes

  • Hackers set up an Office 365 login page to steal users' Microsoft credentials.ย 
  • Remote workers using VPNs to securely connect to company networks were a target for the email phishing attacks.
  • You can always visit our Office 365 hub for relevant tips, guides, and news.ย 
  • Would you like to optimize your company's virtual private network security? Check out the VPN page for practical recommendations and tools!

ย 

VPN targeted for cyber attacks

Email phishing may be one of the oldest tricks up the sleeves of any hacker, but it hasnโ€™t run out of fashion yet. For example, a malicious player recently set up an Office 365 phishing base to fraudulently obtain usercredentials.

Pretty much any platform that requires user authentication to allow access can be a target for phishing.

Also, anyone can be a victim, from SaaS customers to OneDrive users.

BEST PRICES FOR FEBRUARY 2024
ExpressVPN

Browse the web from multiple devices with increased security protocols.

4.9/5
Grab the discount โ–บ
Private Internet Access

Access content across the globe at the highest speed rate.

4.7/5
Grab the discount โ–บ
Cyberghost

Connect to thousands of servers for persistent seamless browsing.

4.6/5
Grab the discount โ–บ

Malicious actors created an Office 365 email phishing site

Hackers sent remote workers malicious email links to fraudulently capture their user credentials, according to an Abnormal Security report.

For starters, they took advantage of the fact that many organizations are currently setting up VPNs to secure internet connections for their work-at-home employees.

The target receives an email disguised as official communication from their employerโ€™s IT department in this phishing attempt.

Next, the target clicks the link in the email, which leads to a VPN configuration that the attacker set up. In the end, the employee lands on a login page hosted on the Office 365 platform.

Since the site looks almost 100% the same as the genuine one, the remote worker, sadly, falls for it.

Therefore, the victim supplies their login details oblivious of the fact that theyโ€™re not signing into their employerโ€™s official portal.ย  So, just like that, the bad actor makes away with the targetโ€™s Microsoft credentials.

The attack impersonates a notification email from the IT support at the recipientsโ€™ company. The sender email address is spoofed to impersonate the domain of the targetsโ€™ respective organizations. The link provided in the email allegedly directs to a new VPN configuration for home access. Though the link appears to be related to the targetโ€™s company, the hyperlink actually directs to an Office 365 credential phishing website.

Here are tips for optimizing your email security:

  • User discretion: Always check the URL of any web form that requires your user credentials.
  • Email security: Use email scanning anti-malware.
  • Windows updates: Always install Windows security updates.
  • Microsoftโ€™s security tools: This can elevate your threat detection capabilities.

Have you ever been a victim of email phishing? Feel free to share your experience in the comments section below.

[wl_navigator]

More about the topics: Cybersecurity

Don Sharpe

Don Sharpe Shield

Tech Journalist

Don has been writing professionally for over 10 years now, but his passion for the written word started back in his elementary school days. His work has been published on Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, Forexminute.com, The Writers Network and a host of other companies.