Pages

Cybercriminals Are Using Microsoft Accounts for Phishing Landing Pages

If you ever receive an email with a link you need to be really careful before clicking on it because of the fact that this is the sort of thing that could potentially end up letting your account get compromised. Cybercriminals have been posing as legitimate companies for quite some time now, and they often create a landing page that looks quite similar to the login page for a service that you use so that you enter your details without being any the wiser.

With all of that having been said and now out of the way, it is important to note that around 73% of all phishing attacks are using landing pages that are designed to mimic Microsoft products specifically. This should come as no surprise as these malicious actors are obviously going to target services that have large numbers of users, but this also means that Mac users might be a bit safer with all things having been considered and taken into account since there aren’t a lot of phishing attacks that mimic Apple service pages.

If your account gets compromised, there is a 20% change that the bad actor will access it within the first hour. Around 91% of compromised accounts end up getting accessed within a week, which means that if your information gets into the wrong hands there is a strong likelihood that it will become a problem for you down the line in a way that you would not be all that comfortable with.

Malicious actors often harvest this data not so that they can use it on their own but rather so that they can sell it on the dark web for a profit. Microsoft has been a big part of the remote working boom by offering enterprise software and the like which means that there are millions of users out there that are signing up for services for the first time and they might not be used to the emails that these services would send. This increases the chances that they might get fooled by an attempted phishing attack which is why it is so important to be cautious.


H/T: Agari.

Read next: An Android Trojan named Xenomorph can target over 56 banking, finance applications

No comments: