Microsoftonline.com email accounts Phishing

Recently we have seen an uptick in Phishing attacks from <name>@<something>.microsoftonline.com accounts.  These attacks are primarily seeking to gain access to an individuals Microsoft account login information but what is really chilling is the email's content includes a list of other accounts within the group.  For example, email sent to A1@**** with a subject of "Your Office 365...statement is ready" and lists each email address within the account.

If the users' email was routed to Microsoft Outlook could be used to report the issue.  These users obtain their emails through another source, so Outlook.com abuse reporting is not available.

What we have done is capture the metadata from the email, trace the owner of the <name>@<something>.microsoftonline.com, etc.  The information is then provided to FBI Cyber Crime unit.

What is chilling is the level of accuracy of the accounts listed in the email.  How would a general (non-Microsoft) MicrosoftOnline.com account get access to the emails associated with a subscription that they do not have access too?  

Anyone else seen this patter?

 

Question Info


Last updated September 4, 2019 Views 1,837 Applies to:
Answer
Answer
Hi DDFMS,

Thank you for posting your issue on Microsoft Community. Based on the description, I understand that users received a message that should be classified as a phishing scam.

If the users receiving phishing email in their Outlook.com account. Here's the article for your reference: How to Deal with abuse, phishing, or spoofing in Outlook.com

However, you can also use email to submit messages to Microsoft that should be classified as phishing scams, as described in the following procedure under Use email to submit junk (spam) or phishing scam messages to Microsoft

Your time and understanding will be highly appreciated.

Best regards,
Shyamal
-------------------------------------------------------------
If you feel a reply works for you, please kindly vote or mark it as it will be beneficial to other community members reading this thread.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.