A recent phishing scam has been identified, leveraging PayPal’s money request feature and Microsoft 365 to deceive users. This sophisticated phishing attack involves scammers registering a free Microsoft 365 test domain and creating a distribution list with targeted email addresses.
The scam happens with the scammer sending in a PayPal request to the distribution list. With Microsoft’s Sender Rewrite Scheme (SRS), it modifies the sender address, allowing the email to bypass authentication checks and appear legitimate. Recipients who receive the payment request email may panic with the request and immediately click the link that leads to a fake login page, allowing the scammers to gain access to their PayPal account once users enter their credentials.
As scams like these are becoming more sophisticated, cybersecurity firms recommend training employees and implementing Data Loss Prevention (DLP) rules to help flag emails involving multiple recipients from a distribution list. As well as utilizing advanced AI tools to analyze patterns and user behaviors to provide proactive detection of these attempts.
#CyTech #cybernews #cybersecurity #ciso #cisoworkplace #phishing #PayPal #Miscrosoft365
Leave a Reply