Office365 Phishing Scam Office365 Phishing Scam | Page 2

Statistics reveal that the average number of identity thefts in America due to unauthorized access
to email accounts mounted to 27 million in last five years. In addition to this approximately
30,000 websites become victims of hackers on a daily basis.
Office365 Phishing Analysis
A new form of phishing attack detected displays a prompt of Office365 Fake login page that asks
user to enter their Office365 credentials to login. The email service sign in screen also
adds ©2017 PROTONMAIL.COM underneath to gain user confidence. If users fall in the trap
and enter their credentials, their email accounts become a victim of unauthorized access. This
information could in turn be used to breach user security and privacy and expose their identity.
The phishing is known to originate from suspicious browser extension, an unwanted program
installed on user system.
Users need to be cautious and are recommended to immediately take actions to remove the scam
from their system on encountering Office365 pop –up on their browser screen.
Office365 Phishing virus- Threat Behavior
Office 365 scam virus is believed to be distributed via software bundles, spam email attachments
and malevolent links.
1. Once installed, the virus targets Windows Registry Editor to achieve persistence installation and
automatically launch the infection on system reboot.
2. Users are prompted with different sign in screens other than the ones from Office365, to trick
users into stealing credentials of other services.