Cybercriminals send genuine-looking blackmail emails
Cybercriminals have discovered a new method to send extortion emails: They do this by abusing the Microsoft 365 admin portal. This trick allows them to bypass spam filters and land directly in their victims’ inboxes.
New scam for blackmail emails
The scam also looks extremely realistic and, according to initial reports, the approach to victims is better crafted than in other blackmail emails. It is currently making the rounds. Cybercriminals have found a way to abuse the Microsoft 365 admin portal for their own purposes: they send so-called “sextortion” emails, which land directly in the recipient’s inbox because they appear legitimate.
The fraudsters achieve this by directly using the message center of the Microsoft 365 Admin Portal, which is actually intended for official notifications about services and functions.
Bypassing spam filters
According to the IT news site BleepingComputer, the criminals cleverly bypass the usual spam filters. The reason: The messages are sent from a trustworthy Microsoft address (o365mc@microsoft.com). This means that security systems classify them as legitimate and do not screen them out. The cybercriminals simply use the “Share” feature to spread their fraudulent messages. These emails then appear to come directly from Microsoft, which makes them particularly dangerous.
Content of the blackmail emails
The content of these emails follows a familiar pattern:
- The scammers claim to have compromising material about the victim.
- They threaten to publish alleged recordings or images.
- Payment in cryptocurrency is demanded within a certain period of time.
- The amounts demanded range from around 500 to 5000 euros.
To make the claims appear credible, criminals often include personal information such as dates of birth in their messages. This information often comes from previous data leaks and increases the pressure on victims, because the message looks even more realistic when it contains real data.
Technical details of the scam
Microsoft has confirmed that it is investigating the issue, but so far no server-side checks have been implemented to block such messages. The scammers appear to be exploiting a vulnerability in the “Personal Message” field of the Microsoft 365 Message Center. Although this field is actually limited to 1000 characters, they get around this limitation by manipulating the HTML code.
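Because these messages really do come from o365mc@microsoft.com, a sender allow-list cannot tell them apart from genuine notifications. The following added example (not from the article or from Microsoft) scores the body of Message Center mail against the extortion pattern listed above; the rule set, the threshold and the sample messages are assumptions constructed for illustration.

```python
import html
import re
from email import message_from_string, policy
from email.utils import parseaddr

MC_SENDER = "o365mc@microsoft.com"  # sender address named in the article

# Assumed heuristics for this example; tune against your own mail before use.
RULES = [
    ("wallet", re.compile(
        r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")),
    ("payment_demand", re.compile(
        r"\b(?:pay|payment|transfer|send)\b.{0,80}?"
        r"\b(?:bitcoin|btc|cryptocurrency|wallet)\b", re.I | re.S)),
    ("threat", re.compile(r"\b(?:recording|footage|webcam|publish)\b", re.I)),
    ("deadline", re.compile(r"\b\d{1,3}\s*(?:hours?|days?)\b", re.I)),
]

def body_text(msg):
    """Return the message body as plain text (HTML tags removed)."""
    part = msg.get_body(preferencelist=("html", "plain"))
    content = part.get_content() if part is not None else ""
    return html.unescape(re.sub(r"<[^>]+>", " ", content))

def indicators(raw):
    """List the rules that fire, or None if the sender is not the Message Center."""
    msg = message_from_string(raw, policy=policy.default)
    if parseaddr(str(msg.get("From", "")))[1].lower() != MC_SENDER:
        return None
    text = body_text(msg)
    return [name for name, rx in RULES if rx.search(text)]

def triage(raw, threshold=2):
    """Quarantine trusted-sender mail that shows several extortion indicators."""
    hits = indicators(raw)
    if hits is None:
        return "out-of-scope"
    return "quarantine" if len(hits) >= threshold else "deliver"

# Constructed samples (not real messages; the wallet string is a placeholder).
WALLET = "1ExampLeAddr" + "X" * 22
HEADERS = ("From: Microsoft 365 Message center <o365mc@microsoft.com>\n"
           "Subject: Constructed sample\nContent-Type: text/html; charset=utf-8\n\n")
SCAM = HEADERS + ("<p>I have a recording of you. Send payment in Bitcoin to "
                  + WALLET + " within 48 hours or I publish it.</p>\n")
BENIGN = HEADERS + "<p>A colleague shared a service update with you.</p>\n"

if __name__ == "__main__":
    for label, raw in (("scam", SCAM), ("benign", BENIGN)):
        print(label, indicators(raw), triage(raw))
```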
Recommendations for those affected
Those affected should first understand that, despite the impression of being “official”, it is only an attempted fraud. Microsoft recommends the following steps:
- Ignore such messages.
- Under no circumstances should you accept the demands.
- Forward the emails to the relevant authorities.
- Notify Microsoft of the abuse.
This scam shows how creative cyber criminals are when developing their fraud attempts. They specifically exploit vulnerabilities in trustworthy systems to deceive their victims. This makes it increasingly difficult for users to distinguish legitimate from fraudulent emails.
“The creativity of cybercriminals knows no bounds. It’s a constant race between security experts and fraudsters.” (An anonymous IT security expert)