Be On Alert for Microsoft Office Website Scam
Microsoft has identified a multi-stage phishing attack against a number of users. The company reported that hackers took stolen credentials, and registered devices on the targets’ networks, which were then used to deploy phishing email scams. This latest fishing scheme tries to convince users they need to sign a document with an online DocuSign form. When a user would click
![Image](https://meritsolutions.net/wp-content/uploads/2022/02/piero-nigro-JnOtAg-cbFU-unsplash.jpg)
Microsoft has identified a multi-stage phishing attack against a number of users. The company reported that hackers took stolen credentials, and registered devices on the targets’ networks, which were then used to deploy phishing email scams.
This latest fishing scheme tries to convince users they need to sign a document with an online DocuSign form. When a user would click on this link, the hackers would take them to a fake Microsoft Office website, asking for users to login. What makes this scam all the more convincing is this site would autofill the users’ credentials. However, actually signing in allowed hackers to take advantage of the user’s network.
This is an example of how important multifactor authentication is. The attack focused on accounts that did not have MFA enabled; those accounts were much easier to steal information from, since hackers did not need access to the phone number or secure device of the user. Enabling MFA is one of the easiest things you can do to protect your accounts.
In addition, do not open unfamiliar links. Always vet a website you visit to make sure it is legitimate; don’t trust a website just because it autofills your information, as we saw with this scam.
Photo by Piero Nigro on Unsplash
Share This
More Articles
![Featured image for “Watch Out for Wire Transfer Fraud”](https://meritsolutions.net/wp-content/uploads/2024/07/austin-distel-744oGeqpxPQ-unsplash-scaled.jpg)
Jul. 23, 2024
Watch Out for Wire Transfer Fraud
![Featured image for “What Are Business Email Compromises?”](https://meritsolutions.net/wp-content/uploads/2024/07/windows-JqmOD1jpHHw-unsplash-scaled.jpg)
Jul. 23, 2024
What Are Business Email Compromises?
![Featured image for “Google Might Spend $23 Billion to Acquire a Cybersecurity Startup”](https://meritsolutions.net/wp-content/uploads/2024/07/alex-dudar-MpdLxiIg0P0-unsplash-2-scaled.jpg)
Jul. 16, 2024
Google Might Spend $23 Billion to Acquire a Cybersecurity Startup
![Featured image for “Did You Know Your iPhone Can Identify Plants and Animals?”](https://meritsolutions.net/wp-content/uploads/2024/07/pexels-ron-lach-7872633-2-scaled.jpg)
Jul. 16, 2024
Did You Know Your iPhone Can Identify Plants and Animals?
![Featured image for “Did You Know Your iPhone Can Read Things to You?”](https://meritsolutions.net/wp-content/uploads/2024/07/charlesdeluvio-Dilfan21P8o-unsplash-2-scaled.jpg)
Jul. 08, 2024
Did You Know Your iPhone Can Read Things to You?
View All