The spoofing of an official looking Microsoft e-mail address means even the most savvy and careful internet users may end up being tricked by this latest con.
As with other similar scams, the message accompanying the con has urgent and fear inducing language designed to make a recipient click on a malicious link.
The target is told they have a number of e-mails placed in “quarantine” and they’ll have to click on a link to decide what to do with these offending messages.
Once a user clicks on this link they are directed to a fake Office 365 login page where they’re asked to enter legitimate user credentials.
However, this is all part of a ploy designed to harvest sensitive user data, which could then be used to access confidential information or be sold on.
Just last week it was revealed Office 365 logins for top business executives were being sold on the dark web.