Update! The latest sophisticated phishing emails.

As always, thanks to our great clients for "catching" this email and sharing it.

Human intervention and email awareness work great when you keep your users, staff and remote workers tuned in to the latest information on phishing emails.


Here is a new level of sophisticated phishing email. It uses an elaborate scheme to obtain your Microsoft 365 credentials, or to take control of a legit email origin so that emails can be sent to bait others, and/or so the access can be sold to other bad actors.

I'll outline these emails to summarize how they are put together and how they trick the recipient, so the bad actor achieves the goal of gaining the victim's email account credentials.



  • The email has hyperlinks that lead you to believe there is more information to acquire.

  • A new window opens to keep you moving in the direction the scheme intends.



  • Note that the aforementioned window does not have any detailed information from the bogus "One Drive" origin.

  • An example of a misleading hyperlink, pointing to a generic "sharepoint" / "one drive" site set up by the attacker:

  • https://companyname-my.sharepoint.com/:f:/g/personal/onedrive_office365-onedrive-secure-documents_com

  • Instead of a legit hyperlink:

  • https://companyname-my.sharepoint.com:443/:w:/g/personal/name_company_or_persons_name_com

  • The bogus "One Drive" location has a document titled "something", in this case "Scanner_xxxxx.pdf".



  • Under normal circumstances you would already be aware that an email with this material is coming to you. The link from the "One Drive" owner will open the file and not require you to log in, because that owner has given you permission to access that material (files, folders, etcetera). There are plenty of YouTube videos on this material at the Microsoft YouTube channel.


  • If you reach this window (which you shouldn't have) and try to log in with your Microsoft 365 credentials, the bad actor has succeeded!
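As an added example (not part of the original post and not a Microsoft tool), the comparison between the two links above can be turned into a small Python check that pulls out the owner segment after /personal/ and reports why it looks wrong. The lure-word list and the allowlist of known owners are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: words that suit a lure better than a real person's mailbox name.
LURE_WORDS = ("onedrive", "office365", "sharepoint", "secure", "document", "scanner")
SUFFIX = "-my.sharepoint.com"  # host form used by both links in the post


def parse_onedrive_link(url):
    """Return (tenant, owner) for a link like the two above, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()  # hostname drops a port such as :443
    if parts.scheme != "https" or not host.endswith(SUFFIX):
        return None
    segments = [s for s in parts.path.split("/") if s]
    if "personal" not in segments[:-1]:
        return None  # no owner segment after /personal/
    owner = segments[segments.index("personal") + 1].lower()
    return host[: -len(SUFFIX)], owner


def review_link(url, known_owners):
    """Return reasons to distrust the link; an empty list means nothing flagged."""
    parsed = parse_onedrive_link(url)
    if parsed is None:
        return ["not an https link to a -my.sharepoint.com personal site"]
    _tenant, owner = parsed
    reasons = []
    hits = [w for w in LURE_WORDS if w in owner]
    if hits:
        reasons.append("owner name contains lure words: " + ", ".join(hits))
    if owner not in known_owners:
        reasons.append("owner is not a known contact: " + owner)
    return reasons


# The two link shapes from the post, placeholders kept as written there.
BOGUS = ("https://companyname-my.sharepoint.com/:f:/g/personal/"
         "onedrive_office365-onedrive-secure-documents_com")
LEGIT = ("https://companyname-my.sharepoint.com:443/:w:/g/personal/"
         "name_company_or_persons_name_com")
KNOWN = {"name_company_or_persons_name_com"}  # constructed allowlist

if __name__ == "__main__":
    for link in (BOGUS, LEGIT):
        print(link, "->", review_link(link, KNOWN) or "nothing flagged")
```

An empty result only means these two checks found nothing; a link shared from a real contact's compromised account would pass both, so an unexpected login prompt is still the signal to stop.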



To wrap up this outline: if you get an email from an address and you have no indication of who/what/why, even if they are promising you the moon and beyond, err on the side of caution and delete that email. If there is no way for you to reach out and contact the sender, then it's safe to say it was bogus.


Please contact us with any questions on this material. As always, we encourage our clients to send us these emails, or notify us about them, so we can verify and check them out.

Great catch on this one! Stay alert/aware out there and keep them coming.


LMB Support.
