Beware of this Office 365 Phishing Scam

Recently, a host of new Office 365 phishing scams have taken resurgence. Phishing emails are widely used and are often one of the most successful ways cyber criminals gain access to business networks.

Industries like journalism, office administration, legal, marketing, sales and human resources have a higher risk when it comes to phishing emails because their position requires them to open links and engage with strangers.

This campaign of attacks has targeted government agencies, industrial organizations, financial firms, universities, and more. The phishing emails in the images below managed to get through quality, third party email filters. All of the emails reference Office 365, which means Office 365 users are being targeted specifically.

How to Recognize the Scam

As a user – and the last line of defense, it’s important to educate yourself about ways to recognize this scam.

Some of the signs to watch out for include:

  • A warning that your PC is infected. The warning will typically state call Windows support (or tech support, help desk, etc.) now at XXX-XXX-XXXX, but it will rarely say “Microsoft Support”.
  • The warning might be partial or full screen, but it will be difficult to close the window and clicking the close button (the X) will not allow you to exit from the popup. You’ll need to end the task via the task manager to close the alert box.
  • You might hear pre-recorded audio announcing the alert.
  • These warnings have been reported on perfectly legitimate websites. They are usually harmless (as of now) unless you follow the instructions on the alert.
  • Warning messages have been observed on all browsers and operating systems. Your pop-up blocker will not block these alerts. It’s best to clear your browser history after encountering one of these messages and follow that up with a virus scan.
  • The best defense is user education, email filtering & multi-factor authentication (especially if using Office 365 – since you’re already paying for it!)

How this Scam Works

According to, there is a pattern this phishing campaign follows that begins by sending emails in an attempt to collect logins for Office 365 accounts. Once credentials are gained, the attackers target the victim’s address book which is often filled with business and personal contacts.

During the second stage of attack, they use the first victim’s existing relationships as an ice breaker by using informal subject lines like “FYI” to get the victim to lower their guard and take action. This cycle is repeated again and again.

The harvested credentials are used to access anything the victim has access to – cloud storage through One Drive, SharePoint, Skype – the potential for damage is great.

Phishing Examples

Below are actual screenshots of phishing emails targeting Office 365 users to give you an idea of what this scam looks like.

Above All Else

If you see one of these warning notices or phishing emails, do not interact with it under any circumstances.

Do not call them, do not give them access to your PC and do not give them your credit card information. If you did provide them with your payment details, credit companies may decline the charge, but you’ll still want to cancel your card since they now have your credit card number.

If access was allowed, remediation/replacement options should be evaluated.

When in doubt, give Ontech’s support team a call at 262-522-8560 or contact us online and we’ll gladly assist you. We can help you ensure that proper measures are taken so those emails don’t find their way into your inbox again.

Ready To Talk?

A quick 10-minute call is all it takes to see if we’re a good fit.  If we aren’t for whatever reason, we’ll point you in the right direction.

enterprise network discovery

Identify Hidden Security Loopholes in Your Network

For a 100% complementary audit of your current network, infrastructure, server(s), PC’s, backup, security performance, reliability and a Q&A session with our network consultant, register for a Free Network Discovery.

Ontech Systems, Inc

Ontech Systems, Inc.
N85W16186 Appleton Ave
Menomonee Falls, WI 53051

Hours: M-F 8am-5pm

Follow Ontech Systems

Copy link
Powered by Social Snap