Office 365 Phishing Strategy Tricks Users With Live Chat Support

Phishing attacks have now become something of a daily occurrence for many. Yet, the reason why these malicious campaigns remain successful lies in their creativity. Once again, we hear of a creative phishing technique that involves tech support as well. We are talking about an Office 365 phishing campaign that cons users by providing live chat support.

Office 365 Phishing Site Offers Live Support

Security researcher Michael Gillespie recently disclosed a phishing campaign that abuses the Microsoft Office 365 name. It does not target any MS Office tool or feature; rather, the phishing takes the form of a tech support scam.

Michael Gillespie, the creator of ID Ransomware, first discovered this Office 365 phishing scam. He then shared his discovery publicly via a tweet.

According to Bleeping Computer, Gillespie came across a fake tech support website for Microsoft Office 365 after he received a spam email from a fake Microsoft account. The email allegedly alerted him to renew his Office Suite subscription. However, the researcher spotted the fake sender address, info(at)officefamily(dot)us. Here, the word “officefamily” may fool some users into believing the email is legitimate.

Upon clicking on the provided link, the researcher reached a fake tech support website, “mso365[.]tech”. According to his observation, the website had a very poor design that would not really trick any savvy Office 365 user. However, what made this site attractive was the presence of a live chat support option powered by tawk.to.
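A mail-triage check for the pattern described above, where both the sender domain and the link host borrow the Office brand without belonging to Microsoft. This is an added example, not code from the researcher or the original report; the trusted-domain list, the brand tokens and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions: domains treated as genuine, and brand tokens worth watching.
TRUSTED = {"microsoft.com", "office.com", "microsoftonline.com"}
BRAND_TOKENS = ("office", "o365", "microsoft", "mso")

def refang(text):
    """Undo the defanging notations used in reports so hosts can be parsed."""
    for old, new in (("(at)", "@"), ("(dot)", "."), ("[.]", "."), ("hxxp", "http")):
        text = text.replace(old, new)
    return text

def is_trusted(host):
    # Exact match or true subdomain only; "microsoft.com.example" must not pass.
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def brand_lookalike(host):
    return not is_trusted(host) and any(t in host.lower() for t in BRAND_TOKENS)

def analyse(raw):
    """Return findings for sender and link hosts that borrow the brand name."""
    msg = message_from_string(refang(raw))
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    urls = re.findall(r"https?://[^\s\"'<>]+", msg.get_payload())
    link_hosts = sorted({urlparse(u).hostname or "" for u in urls})
    findings = []
    if brand_lookalike(sender_host):
        findings.append(f"sender domain imitates brand: {sender_host}")
    findings += [f"link host imitates brand: {h}" for h in link_hosts if brand_lookalike(h)]
    return findings

# Constructed sample modelled on the lure described above (defanged as on the page).
LURE = (
    "From: Microsoft Office <info(at)officefamily(dot)us>\n"
    "Subject: Renew your Office subscription\n\n"
    "Your subscription is about to expire. Renew here: hxxp://mso365[.]tech/\n"
)
# Constructed benign message for comparison.
BENIGN = (
    "From: Microsoft <billing@microsoft.com>\n\n"
    "Manage your subscription at https://account.microsoft.com/services\n"
)

if __name__ == "__main__":
    print(analyse(LURE), analyse(BENIGN))
```

Substring matching on brand tokens is a coarse heuristic and will flag unrelated domains that happen to contain "office", so its output is best used to prioritise messages for review rather than to block them outright.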

Tawk.to Banned The Scammers

After Gillespie reached the scam website and noticed the chat support, he decided to give it a try. He then conversed with the alleged chat agent, only to find his speculations correct. He also shared his conversation publicly by including the link in his tweet.

As revealed, the scammers asked him to provide his email address and account details to provide support. However, the alleged chat agent ended the chat the moment Gillespie typed in his message “Yes. This site is a phishing scam.”

Gillespie brought this matter to the notice of tawk.to, who then banned the ‘bad actor’. However, the scammers were quick to go live again.

Once again, the researcher interacted with their live support and found that the scammers were now interested in obtaining phone numbers. Gillespie then reported this to tawk.to once again. As a result, tawk.to banned the domain of the scammers at once.

Nonetheless, this does not mean that the scammers won’t become active again. Therefore, one should be very careful when clicking on links given in emails, and when communicating with any online tech support.

Recently, phishing attacks exploiting Facebook Login and the LinkedIn direct message feature also came into the limelight. Perhaps one should remain cautious when interacting with any third parties altogether.
