New phishing attack pretends to be an Office 365 non-delivery message


A new phishing attack has recently been discovered that pretends to be an Office 365 non-delivery message in order to steal your credentials.

The attack was first discovered by ISC Handler Xavier Mertens. The email states that “Microsoft found Several Undelivered Messages” and prompts you to click a “Send Again” link to try sending the emails again. Once the user clicks the “Send Again” link, it opens a website that looks identical to Microsoft’s login page. The page then asks the user to enter their password, which triggers a JavaScript function called sendmails() that sends the email address and the password to the sendx.php script and then redirects the user to the legitimate Office 365 login URL.

While the email looks pretty legit, there are ways to avoid falling for these phishing attacks. The first and foremost indication is the “Send Again” box. Microsoft never gives an option to send emails again after they have failed; you have to go back to Outlook and send them manually. Secondly, failure messages arrive almost instantly after you send an email. Last but not least, always check the link in the address bar and make sure it’s secured and is the official website.
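The “Send Again” and link checks described above can be automated over an HTML mail body. The following is an added example, not code from the original article or from the ISC analysis; the trusted-suffix list, the function names and the sample body (with its placeholder host phish.example) are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: illustrative allow-list, not an exhaustive list of Microsoft hosts.
TRUSTED_SUFFIXES = ("microsoft.com", "microsoftonline.com", "office.com", "office365.com")

class _Links(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def is_trusted(host):
    """Match on whole DNS labels, so 'microsoftonline.com.evil.tld' does not pass."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def check_ndr(html_body):
    """Return findings for an HTML mail body that claims to be a non-delivery message."""
    parser = _Links()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        url = urlparse(href)
        if text.lower() == "send again":  # genuine failure notices offer no resend action
            findings.append(f"resend link present: {text!r}")
        if url.scheme in ("http", "https") and not is_trusted(url.hostname):
            findings.append(f"link leaves Microsoft domains: {url.hostname}")
    return findings

# Constructed sample body; phish.example is a placeholder host.
SAMPLE = """<p>Microsoft found Several Undelivered Messages</p>
<a href="https://login.microsoftonline.com.phish.example/o365/">Send Again</a>"""

if __name__ == "__main__":
    for finding in check_ndr(SAMPLE):
        print(finding)
```

The suffix comparison is the part that matters: a substring test for "microsoftonline.com" would accept the lookalike host in the sample.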

Via: Bleeping Computer
