A new phishing campaign is actively targeting Microsoft Office 365 users and administrators with the end goal of compromising their entire email system and using newly created accounts on the domain to deliver future phishing emails.

The attackers use phishing emails (Scam) designed to look like they are coming from Microsoft, with the Office 365 logo shown at the top, and delivered using “validated domains” “from a legitimate organization’s Office 365 infrastructure” as PhishLabs found.

They also use “Admin center and accounts” as the sender name for the phishing messages delivered through this ongoing campaign as an attempt to spoof the legitimate Microsoft 365 admin center support team and users, and “Action Required” or “We placed a hold on your account” subjects to persuade their targets to act first and think later.

Some of the phishing emails appears to be from an internal company user as a display name but the actual sender address will be hidden to persuade users to open attached files, which when opened installs a malware/virus in the background and attacks your computer and other users on the network.

Please, spare a moment of your busy day to follow the link below and read the article on how to spot phishing emails:

Source: Bleeping Computer & National Cyber Security.