In a new scam, cybercriminals spoof Microsoft Office 365 by using the email address quarantine[at]messaging[dot]microsoft[dot]com to send you a spam notification. The fake notification claims that a seemingly important email with the subject line “[Your Organization’s Domain] Adjustment: Transaction Expenses Q3 UPDATE” has been quarantined. You are asked to review the email to confirm whether or not it should be marked as spam.If you click on the Review button in the email, you will be taken to a phony Microsoft Office 365 login page. On this page, you are asked to provide your Microsoft credentials to access the supposedly quarantined email. Any information that you enter on this page will be delivered directly to the cybercriminals. Remember the following tips to stay safe:
- Never click on a link within an email that you were not expecting.
- This type of attack isn’t exclusive to Microsoft products or Microsoft users. The technique could easily be used on a number of other programs. Always think before you click.
- If you get a notification that you are unfamiliar with, reach out to your administrator or IT department. They can check to make sure the notification is legitimate.