Microsoft Warns of Phishing Attack Targeted at Office 365 Users GA S REGULAR Menu Lifewire Tech for Humans Newsletter! Search Close GO News > Internet & Security

Microsoft Warns of Phishing Attack Targeted at Office 365 Users

Attack uses open redirectors to steal login credentials

By Cesar Cadenas Cesar Cadenas Writer California State University - Long Beach Cesar Cadenas has been writing about the tech industry since 2016 on a variety of topics like cryptocurrency, video games, the latest gadgets, and much more. lifewire's editorial guidelines Updated on August 31, 2021 03:31PM EDT Fact checked by Rich Scherr Fact checked by Rich Scherr University of Maryland Baltimore County Rich Scherr is a seasoned technology and financial journalist who spent nearly two decades as the editor of Potomac and Bay Area Tech Wire. lifewire's fact checking process Tweet Share Email Tweet Share Email Internet & Security Mobile Phones Internet & Security Computers & Tablets Smart Life Home Theater & Entertainment Software & Apps Social Media Streaming Gaming Microsoft is warning its Office 365 customers of a widespread phishing campaign to steal usernames and passwords. The Microsoft 365 Defender Threat Intelligence Team posted its findings on its Security blog, which details how the attacks are done and advises what people can do to defend themselves. CHUYN/Getty Images The attack works by leading Office 365 users down a series of links and redirections to a Google reCAPTCHA page. Users are taken to a fake sign-in page where their credentials are stolen, leaving them compromised. According to the Intelligence Team, the Google reCAPTCHA verification adds a false sense of legitimacy to users who are tricked into thinking the whole process is fine. Hackers rely on a marketing tool known as an open redirect, an email with a link that takes the user to a different domain. Open redirectors have been abused in the past to direct users to malicious sites. The Intelligence Team advises users to hover over the link in an email to check the destination before clicking. The idea is that the user can see if the domain name is legitimate and associated with a website they know and trust. Google, on the other hand, has a different opinion. In a post on their Bughunter University, a site dedicated to looking for bugs and glitches, Google responds to the allegations that open redirectors are unsafe. Kiyoshi Hijiki/Getty Images The post states that while the open redirectors themselves are not a vulnerability, it admits that they can be abused for other vulnerabilities. The company disagrees with the advice of hovering over the link before clicking, as it isn’t always the most accurate and users typically don’t examine the URL after moving. However, Google doesn't offer any sort of advice on defense other than contacting them. Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit More from Lifewire Protect Yourself From Malicious QR Codes Can a Router Get a Virus? How to Turn off the Phishing Filter in Internet Explorer The 4 Best Slack Security Tips to Keep Your Team Chats Safe What Is a Windows SmartScreen Filter? What Is a Cyber Attack and How to Prevent One How to Test a Suspicious Link Without Clicking It The 6 Best Antivirus Apps for iPhones in 2022 How to Remove That Microsoft Warning Alert 8 Tips on Basic Computer Safety Zemana AntiMalware 3.0 Premium: Everything You Need to Know Why We Fall for Texting Scams (and How to Stop) How to Use URL Shorteners With Permanent Redirects How to Add Microsoft Teams to Outlook Windows Defender Security Center: What It Is and How to Use It How to Update Your Logitech Unifying Receiver Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookies Settings Accept All Cookies