Threat Level: High
A recently-discovered phishing scam pretending to be from the “Office 365 Team” is trying to trick users into their log-in credentials.
The alert notifies the user of an unusual volume of file deletions and urges users to review the activity.
When redirected, the users are encouraged to log-in to a page that is hosted on Azure, increasing the perceived legitimacy of the phishing campaign. The hackers have even gone as far as securing the page with a certificate signed by Microsoft.
It’s important to remember that Microsoft login forms will be coming from microsoft.com, live.com, microsoftonline.com, and outlook.com domains only.
If you think you may have been deceived by a phishing scam, it’s important to contact ITonDemand urgently to begin Incident Response.