Forgot password?


Sophisticated phishing email targets Microsoft Office users 

DigitalXRAID’s Security Operations Centre Analysts have spotted an ongoing series of phishing attacks which are using fake Office 365 notifications to attempt to gain access to Microsoft Office accounts. The purpose of the emails is to ask the recipients to review blocked spam messages, linking users directly to a phishing landing page with the purpose of stealing their Microsoft credentials.  

What makes the phishing emails so convincing is the use of the (quarantine[at]messaging.microsoft.com) email address and template which is sent to their targets and the display name which matches the recipient’s domains.   

This phishing attack is one of the most sophisticated attempts at imitating a Microsoft email that we’ve ever seen and we want to be sure that everyone, not just OUR customers who we’ve already sent alerts to, remain vigilant. The email is made to look like an innocuous spam quarantine message – something most people are used to seeing, but don’t pay a lot of attention to and wouldn’t necessarily question. The email also preys heavily on a user’s sense of curiosity, by stating that they have quarantined messages, but not showing what they are within the email message itself. 

Office 3

Source Bleeping Computer

What action can you take? 

We advise all clients, partners, associates and readers to exercise caution when opening any unexpected emails. As always, ensure that the sender is legitimate and trusted before following any links or opening any attachments.  

Always remember:  

  • Question emails and check for spelling and grammatical errors 
  • Remember to hover over (but don’t click on) hyperlinks that look suspicious to see where they go 
  • Double check links and email addresses to make sure they’re the real thing and not a fake look-alike 

If in doubt, check with your IT team or SOC Team and we advise any Microsoft Office users to raise awareness with your staff as a preventative measure.  

DigitalXRAID Analysts continue to monitor the situation and will provide updates should further details become available. 

If you think you’ve suffered a breach or are under attack and need emergency help, call or email us now. We’re open 24 hours a day, 7 days a week.

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert


Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]