publishing date icon
February 28, 2023
read time icon
5 min. read

Hackers trick people by making them believe they have been hacked in order to hack them

Post hero image

Table of contents

A new phishing campaign has been discovered that uses an email template similar to Microsoft's official email. The campaign aims to trick users into thinking that their Microsoft account email has been hacked and used as a recovery email address for a random Gmail account.

The email prompts the victim to remove the account as a recovery email by clicking on a button. However, the payload is most likely intended to lead to a Microsoft credential harvester. Although the payload does not load anymore, the attack was still able to convince users to click on the button.

The giveaway that this email is not genuine is the poor resolution of the logo. However, not all users may be able to detect this red flag, making the campaign potentially dangerous.

Off the hook – How to detect the attack and protect your organization from it

It's important to be vigilant when receiving emails from Microsoft or any other service provider. Users should check the sender's email address and look for any suspicious elements in the email. Additionally, hovering over links before clicking can help users identify potentially dangerous URLs.

In conclusion, users should be careful when receiving emails from seemingly reputable companies such as Microsoft. Always double-check the authenticity of the email before clicking any links or buttons. By being vigilant, you can avoid falling victim to phishing campaigns and safeguard both your personal and professional information.

Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.