Cybercriminals launch targeted phishing attacks against Microsoft 365 users

Cybercriminals continue to abuse Microsoft branding to steal personal information, corporate data and account credentials, a new report suggests.

According to email security company Vade, Microsoft is the cloud brand most frequently impersonated in phishing attacks. It’s also the company to feature in the greatest number of phishing emails since 2018.

In total, more than 12,000 Microsoft-related phishing attacks were recorded in H1 2021. For context, Microsoft featured in 556% more phishing URLs than Netflix, another famous brand popular among cybercriminals.

“With its Microsoft 365 suite leading the competition in corporate email and productivity software, Microsoft is an alluring target for phishers who want access to the corporate data spoils hosted in Microsoft 365,” explained Vade.

“Microsoft’s strong showing in Q1 and Q2 is a continuation of its longstanding position as a phishers’ favorite.”

Vade went on to detail one specific phishing vector, detected in June, which abuses automatic asset rendering on Microsoft 365 login pages.

Cybercriminals are using the feature both to determine whether they have hooked the intended target and to create bespoke landing pages for each target company, improving the likelihood of success.

“If the victim doesn’t notice the long and complicated URL, then they would have no reason to suspect that the page is a fraud,” said Vade.

Joel Khalili is the News and Features Editor at TechRadar Pro, and has been a Staff Writer working across both TechRadar Pro and ITProPortal.