Scammers have been exploiting a vulnerability within Microsoft's email system, enabling them to send spam emails from a legitimate Microsoft address typically used for authentic account alerts.
While the exact method of exploitation remains unclear, the scammers have managed to create new Microsoft accounts, using them to dispatch emails that appear to originate from Microsoft itself. This tactic may mislead recipients into believing the messages are genuine.
Reports indicate that Microsoft has not yet effectively addressed this issue. Recently, numerous emails with suspicious content were sent from [email protected], an account Microsoft uses for critical notifications like two-factor authentication codes.
These emails often included subject lines mimicking official alerts about fraudulent transactions, alongside messages claiming recipients had private messages waiting for them at a specified web address.
The Spamhaus Project, an anti-spam organization, noted on social media that it had also observed the misuse of Microsoft's account notification email for spam purposes, indicating that this activity has been ongoing for several months. They criticized the level of customization allowed in automated notification systems and confirmed they have informed Microsoft about the situation.
A Microsoft representative acknowledged inquiries regarding the issue but has not provided any updates or confirmed whether measures have been taken to halt the misuse of its email accounts.
This incident is part of a broader trend where hackers and scammers exploit corporate systems to deceive unsuspecting customers. Earlier this year, a similar breach occurred involving a platform used by the fintech firm Betterment, which sent out fraudulent notifications promising unrealistic returns on cryptocurrency investments.
Additionally, in 2023, hackers misused an email account from Namecheap to distribute phishing emails aimed at stealing user credentials. Users have also reported that other companies' email addresses are being similarly exploited, suggesting a widespread problem beyond just Microsoft.
