New phishing scam targets Microsoft user login details

New phishing scam targets Microsoft user login details

Malicious emails were discovered on 8 January

Credit: Dreamstime

A new zero-day phishing scam using the name of commercial real estate firm CBRE, has emerged on 8 January.

The messages contained a link purporting to be a scanned PDF document from a Xerox multifunction printer. In one instance, the email was sent from temp2 email address.

According to email filtering company, MailGuard, who detected the phishing scam, the link leads to a website designed to harvest recipients' Microsoft login details.

"MailGuard has successfully blocked the email sender domains associated with this scam," the company wrote in a blog post, suggesting more than one domain was used in this attack.

Screenshot (MailGuard)
Screenshot (MailGuard)

This was one of three scams MailGuard detected on 8 January.

A fake Suncorp email was picked up by the email filtering company and was being sent out in "large numbers".

The messages had SunCorp Insurance or Health Insurance as the sender, however the emails were coming from a compromised MailChimp account.

These emails asked recipients to download insurance documents by clicking on a link, which pointed to an archived JavaScript file.

JavaScript files are often used in scams and usually contain malware such as trojans, keystroke loggers and ransomware.

Last year, a phishing scam impersonating Microsoft Office 365 hit Australian inboxes, impacting local organisations across the country.

The fake email, which began landing on 30 November 2017, was a simple HTML message telling recipients they needed to upgrade their accounts as they have gone over their quota.

The sender details picked up in the Microsoft messages contained a display address of  theresa(at)vistamfg(dot)com and a sending address of t.beasley(at)vistamfg(dot)com.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags zero-dayphishing scamCBREfake emailMicrosoft accounts

Show Comments