Retarus' CERT warns of phishing emails that direct recipients to a form created with Microsoft Forms.
There they should reveal the login data for their account. Apparently your security settings are outdated and need to be renewed. Retarus reported this in a press release.
“Dear User,
You are still using the old mail security settings for m_____.h____@r_____.com,
Please visit the maintenance portal below to automatically switch to the new mail settings to avoid service interruption and delays in outgoing/incoming mails.”
The phishing email, written in English, is obviously aimed at company users and asks the recipient to change the settings of their email account in a maintenance portal.
[mk_ad]
The corresponding link leads to a form created with Microsoft Forms in which you should log in with your email address and the associated password.
“With this password, users not only reveal access to their emails,”
emphasizes Martin Mathlouthi, Product Line Manager Secure Email Platform at Retarus.
“Since single sign-on is common, it is also the password for the Active Directory and can give phishers access to additional company data.”
Recipients who receive emails from “IT Support” should look closely, advises Martin Mathlouthi. In contrast to other phishing emails, the text is written largely without errors; only one word is misspelled. However, although the sender says “IT Support”, the email address provided does not belong to your own company or to any support service provider that may be employed.
[mk_ad]
There are also indications of attempted fraud in the form provided. Apparently to circumvent Microsoft's own security mechanisms, the word "password" partly consists of special characters.
Companies that use the proven security mechanisms of Retarus Email Security Services . The time-of-click protection of Retarus Advanced Threat Protection blocks access to the corresponding Forms form. Companies that protect themselves with the patented Retarus Postdelivery Protection “Patient Zero Detection” ® are also warned about phishing emails that have already been delivered.
Related to the topic: Amazon phishing: “[YOUR RECEIPT] – ! successfully verified!”
Source: Retarus
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

