According to Microsoft’s Security Intelligence team, Office 365 users and administrators should be on the watch for a “crafty” phishing email containing forged sender addresses.
After observing an active campaign targeting Office 365 organizations with convincing emails and several techniques to bypass phishing detection, such as an Office 365 phishing page, Google cloud web app hosting, and a compromised SharePoint site urging victims to type in their credentials, Microsoft issued an alert.
The Microsoft Security Intelligence team stated that an active phishing campaign is employing a clever combination of legitimate-looking original sender email addresses, spoofed display sender addresses that contain the target usernames and domains.
To Read More: ZDNet
For more such updates follow us on Google News ITsecuritywire News.