This new password scam is the new nightmare for French companies. To put it simply, it is a phishing campaign, linked to the Microsoft 365 account. This information will be essential to you, if you do not want to be fooled.
The technique of fishing, or phishing
Do you know a little about fishing? You have to bait the fish so that they start taking the bait. It is the same principle that the scammers have decided to put in place, this time, in order to obtain personal information. Of course, it is in order to be able to steal something that they do it.
As a result, they are doubling their ingenuity to find on which platform users will be able to enter their password. All accounts requiring a connection or identification can be used for this purpose. Hence the idea of the Microsoft 365 account.
password scam
If the purpose of this scam is not to collect personal information including the bank account, it is nonetheless dangerous. Microsoft 365 is a tool from Microsoft that offers several features. To access it, you must have a Microsoft account and therefore, necessarily a password. The scammers had the good of tricking users into sending them a notification. Like what their password will soon expire and must be replaced.
To be able to replace it, the victims follow the steps of the procedure provided by the scammers to the letter. Obviously, an obsolete procedure, which only serves to collect the personal information of the victims. It should be emphasized that everyone, any user is a potential target. Corporate CEOs are no exception, and are of even more interest to scammers.
What purpose ?
If unlike the usual phishing scams, the latter only captures personal information, it is no less dangerous. In effect, once the scammers collect the data on such and such a user, they resell them on the darknet.
From then on, criminals are free to do what they want with it. Hence the real danger of this kind of scam. Caution is always in order.