The discovery of phishing attacks recently on Azure AD and Microsoft 365 sign-in pages has brought Microsoft Experts under the weather. In the realm of modern Microsoft technologies, Microsoft this comes out as a surprise for Microsoft users out there (and experts too!)
The news has come with a big blow to Microsoft Experts and developers. Microsoft, being a Tech Giant in the industry, offers secured systems and updates with the most advanced security protocols and development procedures to combat cyber-attacks like phishing and eavesdropping from its applications.
However, recently, Microsoft Office 365 Advanced Threat Protection (ATP) showed results that phishing and spoofing attempts have been successfully carried out through the new Azure AD sign-in page.
The new Sign-in Page was rolled out three months ago and the initial release dates back to the first week of April this year. Major changes that Microsoft made to the old Azure AD sign-in page include bandwidth requirements for the new updates. The attackers found a vulnerability in the new page and got their hands on the phishing tools to carry out the attack.
The phishing emails are impersonated as official emails by adding subject titles like: ‘Business Document Received’ with a PDF attachment which is a malicious attachment. The attachment asks the recipients to get access to the Document via the Access Document button. Clicking on this button directs the recipient of the email to a sign-in page (similar in design to the Azure AD sign-in page) so that the users enter sensitive information which is stored at the hackers’ systems.