New Phishing Scam Pretends to Renew Microsoft Office 365

It's time to protect yourself from phishing attacks

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • The specialists from Abnormal Security detected two types of attacks from the same source, a domain called office365family.com, registered on the Wix website builder platform. 
  • Both attacks want to trick you into renewing your Office 365 subscription.
Phishing scam pretends to renew Office 365
Total AV comes with all the security tools that you may ever need to protect your data and privacy, including:
  • Check downloads, installs and executables for viruses & threats
  • Blocks unwated ads and schedule smart scans
  • Encrypt your connection across Windows, Mac, iOS and Android

Unfortunately, the Covid pandemic and working from home is also a good time for attackers to release their malware and phishing nets.

The most recent threat we covered was the return of the Emotet banking trojan, but unfortunately, there are a lot of other vulnerabilities waiting to be exploited by attackers.

Now, it’s not the time to leave your computer unprotected. Ensure you have a powerful antivirus and update it as frequently as possible.

Microsoft renewal scam targets Office 365 users

The specialists from Abnormal Security detected two types of attacks from the same source, a domain called office365family.com, registered on the Wix website builder platform. 

The first type of attack is to send an e-mail telling you that Office 365 is now Microsoft 365 and that you should renew your subscription by the due date.

If you click on the link provided by the phishing attacker in the message, you will be taken to a form to complete with your personal data, just like in the screenshot below.

phishing attack type

The second form of attack is an email warning you that your Microsoft 365 subscription has expired and, again, it needs to be renewed sooner than later.

This time, the Renew now link will take you to a PayPal page where you’re invited to enter your payment credentials.

phishing attack Microsoft 365

This should raise a red flag for anybody, not because Microsoft wouldn’t accept PayPal payments but because the Office account page wouldn’t bring you directly to a PayPal option.

If you want to cancel the Microsoft 365 subscription, follow the steps in this guide.

Of course, either type of scamming will result in losing important information that the attackers will use to steal money from you.

How can I protect myself from phishing attacks?

Phishing attacks prey on the user’s innocence and misinformation. You can easily protect yourself from phishing attacks if you stop clicking on unsolicited e-mails and links and reporting any phishing emails..

Also, it doesn’t hurt to keep yourself informed about the latest threats and attacks.

Have you been the victim of a phishing attack? Tell us your story in the comments section below.

More about the topics: Cybersecurity

User forum

1 messages