5,000 sophisticated fake Microsoft emails discovered targeting employees
By MYBRANDBOOK
Scammers posing as Microsoft employees or affiliated vendors and tricking employees into falling for fake emails is very common. But a recent survey done by Check Point's Harmony Email & Collaboration found that over 5,000 fake Microsoft emails were detected in the past month alone that poses a serious threat to businesses. These highly sophisticated phishing attempts are nearly indistinguishable from legitimate communications.
What’s happening
The fake Microsoft emails don’t originate from private or unknown domains — a clue that the emails are potential threats. Rather, the emails appear to come from organizational domains impersonating legitimate administrators.
The main portion of a given email will typically include a fake login page or portal, where malicious content may be hidden. An unsuspecting user can easily click on this and input sensitive information or download a threat.
To hide the malicious intent of these emails, cyber criminals are deploying sophisticated obfuscation techniques. Some emails include copied-and-pasted Microsoft privacy policy statements, contributing to an authentic ‘look and feel’.
Other emails have links to Microsoft or Bing pages, making it even more challenging for traditional security systems to recognize and mitigate these threats effectively.
For example, a cyber criminal has spoofed a Microsoft email and also impersonated an organization’s business administrator, sending a (fake) email on the administrator’s behalf. The email looks believable. In particular, the style of the email is so duplicative of what users generally receive that a given user would have no reason to flag it.
Mitigations
There are measures that organizations can take to sidestep these email-based threats. They include:
User awareness training: This requires a mention, although generative AI-based text means that users can no longer rely on grammatical errors and stylistic inconsistencies as primary indicators of social engineering.
AI-powered email security: This stops the full spectrum of inbox incursions. AI-powered email security tools leverage behavioral analysis and machine learning in order to prevent email spoofing, phishing, BEC threats and more.
Software patching: Organizations should keep all software up-to-date, as to prevent cyber criminals from exploiting any bugs that could allow for easy email spoofing or disruption.
BREAKING NEWS
TECHNO TRENDS
Legal Battle Over IT Act Intensifies Amid Musk’s India Plans
The outcome of the legal dispute between X Corp and the Indian government c...
Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth
The agreement, executed through Wipro and its 100% subsidiary,...
Centre announces that DPDP Rules nearing Finalisation by April
The government seeks to refine the rules for robust data protection, ensuri...
Home Ministry cracks down on PoS agents in digital arrest scam
Digital arrest scams are a growing cybercrime where victims are coerced or ...
E-Magazine
TECHNOTAINMENT
Hrithik Roshan to endorse RuPay as Brand Ambassador
RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha
India Today Group launches – AI Pop Stars
Staying true to our industry leadership position in using cutting-edge tech
MOVERS & SHAKERS
TelioLabs ropes in Phaniraj V A as the Group CEO
TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE
Wipro Appoints Amit Kumar as Managing Partner and Global Head
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s
OPEN YOUR EYES
INTERVIEWS
AMD Pensando driving innovation in the DPU architecture space
AMD Pensando stands out in the DPU (Data Processing Unit) market with its u
Autodesk continually pushing the boundaries in the Design and
Autodesk’s vision is of a better world designed and made for all. It inte
HOT PICK
MSI Announces the availability of RTX 50 series of laptops in
MSI, the innovative computing manufacturer in gaming, creator
Nothing Phone (3a) goes on sale today, starting at Rs 19,999
The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t
MAKE IN INDIA BRANDS
VVDN TECHNOLOGIES
BHARAT ELECTRONICS LTD.
LAVA INTERNATIONAL LTD.
AMARA RAJA POWER SYSTEMS LTD.
EMINENT CIO'S OF INDIA
ICONS OF INDIA
Icons Of India : Puneet Chandok
Puneet Chandok is President, Microsoft India & South Asia and is respo...
ICONS OF INDIA : SANJAY GUPTA
Sanjay Gupta is the Country Head and Vice President of Google India an...
Icons Of India : Girish Mathrubootham
Girish Mathrubootham is the Founder of Freshworks (previously known ...
PARTNER SPEAKERS
PSU
CERT-IN - Indian Computer Emergency Response Team
CERT-In is a national nodal agency for responding to computer security...
EESL - Energy Efficiency Services Limited
EESL is uniquely positioned in India’s energy sector to address ener...
LIC - Life Insurance Corporation of India
LIC is the largest state-owned life insurance company in India...
VIDEOS
Top 25 Brands
Global Indian industry
Indian Tech Talent Excelling The Tech World - Aman Bhutani, CEO, GoDaddy
Aman Bhutani, the self-taught techie and CEO of GoDaddy, oversees a co...
Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design
Anirudh Devgan, the Global President and CEO of Cadence Design Systems...
Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud
Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...
ITFORUM 2025
CMO of the Year
WOMEN LEADERSHIP
IMAGE GALLERY
TRENDS IN TECHNOLOGY
MORE VIDEOS
ADVERTISEMENTS
TECHNOLOGY DISRUPTION
UNICORNS REVOLUTIONISING
of images belongs to the respective copyright holders
