Islamabad, Nov 21: A concerning scam targeting Microsoft users has emerged, exploiting a vulnerability in the Microsoft 365 Admin Portal to send fraudulent emails from what appears to be a legitimate Microsoft.com address.
These deceptive emails bypass spam filters, land directly in primary inboxes, and use tactics of fear and urgency to demand payments, typically in Bitcoin.
The scammers use a strategy called sextortion, claiming to possess compromising images or videos of the recipient. They threaten to expose this content unless the ransom is paid.
Some emails include personal details, such as birthdays, to enhance their credibility, though these details are often sourced from public records and do not validate the scammer’s claims.
How the Scam Works
Scammers abuse the Message Center "share" feature, a legitimate Microsoft tool for forwarding service notifications, so that their messages arrive from a genuine Microsoft address and look like official communications. The content then preys on recipients' fear and urgency to coerce compliance.
Identifying Fake Emails
Here are signs to watch for:
- Cryptocurrency demands: Microsoft will never request payment in Bitcoin or any other cryptocurrency.
- Threatening language: Genuine Microsoft security alerts are transparent and do not use coercive tactics.
- Sensational claims: If the email makes extreme accusations or demands, it is likely a scam.
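A content-based triage check for the signs listed above, added here as an example (it is not part of the original article and not a Microsoft tool). The sample message, the noreply@microsoft.com sender and the keyword lists are constructed for illustration; the check deliberately does not treat a microsoft.com sender as reassuring, because that trust is exactly what the Message Center abuse relies on.

```python
import re
from email import message_from_string

# Constructed sample of the sextortion mail the article describes. The From
# address is a genuine-looking microsoft.com mailbox (placeholder), which is
# exactly why sender-reputation filtering lets it through.
SAMPLE_SCAM = """\
From: Microsoft Notifications <noreply@microsoft.com>
To: user@example.org
Subject: Message Center notification

We have a compromising video of you recorded through your webcam.
Pay 0.5 Bitcoin to bc1qexampleconstructedaddress000000000000 within 48 hours
or we will expose it to all your contacts.
"""

# Indicators taken from the article: Microsoft never asks for cryptocurrency
# and never uses coercive language, so these are judged on content alone.
BTC_ADDRESS = re.compile(r"\b(?:bc1[a-z0-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")
CRYPTO_TERMS = ("bitcoin", "btc", "cryptocurrency", "wallet")
THREAT_TERMS = ("expose", "compromising", "video", "webcam", "hours", "contacts", "leak")

def sender_domain(raw_from: str) -> str:
    # Lower-cased domain of a From header value, or '' if none is present.
    match = re.search(r"@([\w.-]+)", raw_from)
    return match.group(1).lower() if match else ""

def triage(raw_email: str) -> dict:
    # Parse a single-part RFC 822 message (multipart bodies are not handled here)
    # and flag one that pairs a trusted sender with the scam's content traits.
    msg = message_from_string(raw_email)
    payload = msg.get_payload(decode=True) or b""
    text = payload.decode("utf-8", "replace").lower()
    domain = sender_domain(msg.get("From", ""))
    indicators = {
        "microsoft_sender": domain == "microsoft.com" or domain.endswith(".microsoft.com"),
        "crypto_demand": bool(BTC_ADDRESS.search(text)) or any(t in text for t in CRYPTO_TERMS),
        "threatening_language": sum(t in text for t in THREAT_TERMS) >= 2,
    }
    # A trusted sender must not lower the score: that trust is the trick the scam relies on.
    if indicators["crypto_demand"] and indicators["threatening_language"]:
        verdict = "sextortion_suspected"
    elif indicators["crypto_demand"] or indicators["threatening_language"]:
        verdict = "review"
    else:
        verdict = "no_indicators"
    return {"sender_domain": domain, "indicators": indicators, "verdict": verdict}
```

Calling `triage(SAMPLE_SCAM)` returns the verdict `sextortion_suspected` with `microsoft_sender` set to True, which is the combination a mailbox rule or SOC playbook should escalate rather than trust.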
What to Do
- Do not respond: Engaging with scammers can escalate the situation.
- Do not pay: Paying ransom encourages further exploitation.
- Report and block: Use Microsoft’s official channels to report the message and mark it as spam.
Stay Safe
Microsoft is actively investigating the issue, but awareness and caution are your best defenses. Remember, legitimate emails from Microsoft will never demand Bitcoin or use threats. Share this information to help others avoid falling victim to such scams.