New phishing scam pretends to renew Microsoft Office 365

Claudiu Andone
by Claudiu Andone
Windows & Software Expert
Loading Comments
Download PDF
Affiliate Disclosure

  • The specialists from Abnormal Security detected two types of attacks from the same source, a domain called office365family.com, registered on the Wix website builder platform. 
  • Both types of attacks want to trick you into renewing your Office 365 subscription.
  • Stay informed! Read more about this kind of threats from our Cybersecurity section.
  • Are you interested in more information about Microsoft 365? Check out our Microsoft 365 Hub.
Phishing scam pretends to renew Office 365

Unfortunately, the Covid pandemic and working from home is also a good time for attackers to release their malware and phishing nets.

The most recent threat we covered was the returning of the Emotet banking trojan but unfortunately, there are a lot of other vulnerabilities waiting to be exploited by attackers.

Now it’s not the time to leave your computer unprotected. Make sure you have a powerful antivirus and update it as frequently as possible.

Microsoft renewal scam targets Office 365 users

The specialists from Abnormal Security detected two types of attacks from the same source, a domain called office365family.com, registered on the Wix website builder platform. 

The first type of attack is to send an e-mail in which you are told that Office 365 is now Microsoft 365 and that you should renew your subscription by the due date.

If you click on the link provided by the phishing attacker in the message, you will be taken to a form to complete with your personal data, just like in the screenshot below.

phishing attack type

The second form of attack is an email warning you that your Microsoft 365 subscription has expired and again, it needs to be renewed sooner than later.

This time, the Renew now link will take you to a PayPal page where you’re invited to enter your payment credentials.

phishing attack Microsoft 365

This should raise a red flag for anybody, not because Microsoft wouldn’t accept PayPal payments but because the Office account page wouldn’t bring you directly to a Paypal option.

Of course, either type of scamming will result in losing important information that the attackers will use to steal money from you.

How can I protect myself from phishing attacks?

Phishing attacks prey on the user’s innocence and misinformation.

You can easily protect yourself from phishing attacks if you restrain yourself from clicking on unsolicited e-mails and links.

Also, it doesn’t hurt to keep yourself informed about the latest threats and attacks.

Have you been the victim of a phishing attack? Tell us your story in the comments section below.