As reported in the NCSC’s Weekly Threat Report at the end of last week, Microsoft has warned Office365 customers of a widespread credential phishing campaign using open redirector links.
Attackers use these links alongside social engineering techniques in emails. The links redirect victims to a legitimate Google reCAPTCHA page leading to a fake login page where credentials are then stolen.
The Microsoft 365 Defender Threat Intelligence Team has published a blog on the issue.
The NCSC has produced guidance on how to spot the most obvious signs of a scam, and what to do if you’ve already responded. They also recommend forwarding emails that you’re unsure about to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk.
As of 31st July 2021, SERS had received more than 6,900,000 reports, with the removal of more than 55,300 scams and 105,000 URLs.
Further reading:
Reporting
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).