Login

Register

Login

Register

#cyberfraud | #cybercriminals | Microsoft Phishing Scam Exploits Iran Cyberattack Scare


An attacker is attempting to take advantage of the recent warnings about possible Iranian cyberattacks by using it as a theme for a phishing attack that tries to collect Microsoft login credentials.

With the rising escalations between the United States and Iran, the U.S. government has been issuing warnings about possible cyberattacks by Iran and potential attacks on critical U.S. infrastructure.

To take advantage of this increased tension, an attacker has created a phishing scam that pretends to be from ‘Microsoft MSA’ and has an email subject of ‘Email users hit by Iran cyber attack’ warning that Microsoft’s servers were hit by a cyberattack from Iran.

The phishing email goes on to say that in response to this attack, Microsoft was forced to protect their user by locking their  email and data on Microsoft’s servers. To gain full access again to this locked data, the phishing email says that the recipient must log in again.

Phishing email about Iranian cyberattack on Microsoft Servers
Phishing email about Iranian cyberattack on Microsoft Servers

According to Michael Gillett, who received this phishing scam and shared it with BleepingComputer, it was able to bypass Outlook’s spam filters and arrive in the service’s inbox. 

The full text of this phishing email, which needed a run through a spell checker, can be read below.

Cyber Attack

Microsoft servers have been hit today with an Cyber Attack from Iran Government

For your seifty and security we had to take extra mesures to protect your account and your personal data.

Some emails and files might still be locked on our servers, in order to get full access to your emails and files you have to signin again.

If you still have problems receiveing emails please be patient, our support team is working on this issue and we will fix this as soon as possible.
 
Restore Data

If a recipient clicks on the ‘Restore Data’ button, they will be redirected to a phishing landing page that pretends to be a Microsoft log in form. As you can see by the URL, this is not a legitimate Microsoft site.

Microsoft Login Phishing Page
Microsoft Login Phishing Page

If a user enters their login credentials, it will be stolen by the attackers and used for other attacks. These attacks could include targeted phishing scams, credential stuffing attacks, or even data theft.

As always, when receiving strange emails that ask you to log in to perform some task, you should always be suspicious and contact your network or mail administrator.

Furthermore, users should always examine the URLs of any landing pages that contain Microsoft login forms and to remember that legitimate login forms will be on the microsoft.com, live.com, and outlook.com domains.



Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW