• kn33@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 days ago

    I saw one of these recently, too, with Microsoft. Someone opened a 365 tenant and set the name of the tenant to “Thank you for your purchase of Microsoft Defender for $509.99. If you have any questions, please call [attacker controlled number]”

    Then they set their exchange online to forward messages to the intended victim, and requested a password reset email. So the victim ended up receiving an email that came from microsoftonline.com that said “Your password has been successfully changed. Thank you, [scam text]”