Phishing Scam Targets Microsoft 365 Users
Thursday, August 7, 2025
Cybersecurity researchers have discovered a new phishing campaign targeting Microsoft 365 users. The scam uses seemingly safe links to trick recipients into giving up their login credentials, and the emails are becoming increasingly convincing.
To help keep the Seton Hall community safe, the Department of Information Technology is sharing details of the scam and steps you can take to protect yourself.
Recognizing the Scam
These phishing emails are designed to look like routine Microsoft notifications, making them easy to mistake for legitimate messages. Some mimic voicemail alerts with a link to "listen" to a message, while others appear to come from Microsoft Teams, prompting you to view a document or reply to a message. The goal is to create urgency and get you to click quickly.
Clicking the link takes you to a fake Microsoft 365 login page that looks convincing but is built to steal your username and password.
What makes this scam harder to spot is that attackers are using trusted tools to hide the malicious link. They start by shortening the link with a service like Bitly, then pass it through the link-rewriting feature of email security tools such as Proofpoint or Intermedia, so the address you see points at a reputable security vendor rather than at the phishing site. This two-step redirection conceals the true destination and helps the message bypass filters.
Some emails may also include image files, typically SVG attachments, or embedded code to further disguise the attack. Unlike standard image formats such as JPEG or PNG, an SVG file is a text-based document written in markup, which lets attackers hide links or scripts inside something that looks like a harmless picture.
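The two warning signs described above, a link whose real destination is hidden behind one or more rewriting layers and an SVG image that carries links or scripts, can both be checked mechanically. The script below is an added example and is not part of the Seton Hall advisory or of any vendor's product: it peels link-rewriting wrappers one layer at a time, reports the final host and the number of redirection layers, and scans SVG markup for risky constructs. The shortener and rewriter domain lists, the wrapper query-parameter names, and all sample links and SVG text are constructed for illustration; the hypothetical rewriter `linkprotect.example-emailsecurity.net` stands in for a second link-protection service.

```python
"""Added example (not from the advisory): flag hidden-destination links and risky SVG attachments."""
import re
from urllib.parse import urlparse, parse_qs, unquote, quote

# Constructed, non-exhaustive list of public URL shorteners (assumption).
SHORTENER_DOMAINS = {"bit.ly", "bitly.com", "tinyurl.com", "t.co", "ow.ly"}

# Constructed list of email-security link-rewriting hosts; matched by suffix (assumption).
REWRITER_DOMAINS = {
    "urldefense.proofpoint.com",
    "safelinks.protection.outlook.com",
    "linkprotect.example-emailsecurity.net",  # hypothetical second service
}

# Query parameters that rewriters commonly use to carry the destination (assumption).
DESTINATION_PARAMS = ("url", "u", "target", "dest", "q")

EMBEDDED_URL = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def host_of(url):
    """Lower-cased hostname of a URL, or '' if it cannot be parsed."""
    return (urlparse(url).hostname or "").lower()


def is_rewriter(host):
    return any(host == d or host.endswith("." + d) for d in REWRITER_DOMAINS)


def unwrap_once(url):
    """Return the URL carried inside a wrapper's query string, or None if there is none."""
    query = parse_qs(urlparse(url).query)  # parse_qs percent-decodes each value once
    for key in DESTINATION_PARAMS:
        for value in query.get(key, []):
            match = EMBEDDED_URL.search(value)
            if match:
                return match.group(0)
    # Fallback for wrappers that place the destination in the path: look past the scheme.
    rest = url.split("://", 1)[-1]
    match = EMBEDDED_URL.search(unquote(rest))
    return match.group(0) if match else None


def analyze_link(url, max_layers=5):
    """Peel redirection layers and decide whether the link hides its destination."""
    chain = [url]
    notes = []
    current = url
    for _ in range(max_layers):
        host = host_of(current)
        if is_rewriter(host):
            notes.append(f"rewritten by link-protection service: {host}")
        inner = unwrap_once(current)
        if not inner or inner == current:
            break
        chain.append(inner)
        current = inner
    final_host = host_of(chain[-1])
    layers = len(chain) - 1
    if final_host in SHORTENER_DOMAINS:
        notes.append(f"destination is a URL shortener, real target unknown: {final_host}")
    if layers >= 2:
        notes.append(f"{layers} layers of redirection before the destination")
    suspicious = final_host in SHORTENER_DOMAINS or layers >= 2
    return {"chain": chain, "final_host": final_host, "layers": layers,
            "notes": notes, "suspicious": suspicious}


# SVG constructs that a plain picture never needs (names are descriptive labels).
SVG_RISK_PATTERNS = {
    "script element": re.compile(r"<script\b", re.IGNORECASE),
    "event handler attribute": re.compile(r"\son[a-z]+\s*=", re.IGNORECASE),
    "external link": re.compile(r"(?:xlink:)?href\s*=\s*[\"']https?://", re.IGNORECASE),
    "javascript: URL": re.compile(r"javascript:", re.IGNORECASE),
    "embedded HTML (foreignObject)": re.compile(r"<foreignObject\b", re.IGNORECASE),
}


def scan_svg(svg_text):
    """Return the labels of risky constructs present in SVG markup (empty list if clean)."""
    return [name for name, pattern in SVG_RISK_PATTERNS.items() if pattern.search(svg_text)]


# Constructed samples: shortened link wrapped by a rewriter (the advisory's pattern),
# a bare shortener, an ordinarily rewritten link, and a doubly wrapped link.
WRAPPED_SHORTENER = "https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbit.ly%2F3xyzAbc&data=05"
BARE_SHORTENER = "https://bit.ly/3xyzAbc"
WRAPPED_NORMAL = "https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fexample.edu%2Fdocs%2Freport.pdf&data=05"
DOUBLE_WRAPPED = "https://linkprotect.example-emailsecurity.net/?url=" + quote(WRAPPED_SHORTENER, safe="")

# Constructed SVG "voicemail" lure and a harmless SVG for comparison.
LURE_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="200" height="100">
  <a href="https://bit.ly/3xyzAbc"><text x="10" y="50">Play voicemail</text></a>
  <script>/* constructed placeholder; a real lure would redirect from here */</script>
</svg>"""
CLEAN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle cx="5" cy="5" r="4"/></svg>'

if __name__ == "__main__":
    for link in (WRAPPED_SHORTENER, BARE_SHORTENER, WRAPPED_NORMAL, DOUBLE_WRAPPED):
        result = analyze_link(link)
        print("SUSPICIOUS" if result["suspicious"] else "ok", "->", result["final_host"], result["notes"])
    print("lure svg:", scan_svg(LURE_SVG))
    print("clean svg:", scan_svg(CLEAN_SVG))
```

The checker deliberately does not follow any link: a shortener is reported as "real target unknown" because only the shortening service knows where it resolves, and that is exactly why a shortened link inside a security-rewritten link deserves a second look before anyone clicks.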
Protect Yourself
If you receive an unexpected message asking you to check a voicemail or view a Teams file, especially if it includes a suspicious or shortened link, pause and take a closer look. Hover over the link to see where it leads. If something feels off, don’t click. Always verify with the sender using a separate communication channel.
Here are a few steps you can take to stay protected:
- Change your password immediately: Use a strong, unique password with a mix of uppercase and lowercase letters, numbers and special characters, one that is easy for you to remember but hard for others to guess.
- Enroll in DUO 2FA: All Seton Hall users are required to enroll in two-factor authentication. DUO provides options like push notifications, text messages or passcodes to verify your identity when logging in. Always approve only the login requests you recognize. If you're unsure or did not initiate the request, it's safest to deny the notification.
- Report suspicious emails: If you receive an email that appears suspicious, please use the "Report Phishing" button in Outlook or forward the email to [email protected].
- Keep your devices up to date: Keep your devices and applications updated with the latest security patches to help protect against known vulnerabilities.
Stay Vigilant
While phishing attempts are constantly evolving, your best defense is staying alert and informed. If you notice any suspicious activity on your accounts, contact the Department of Information Technology immediately by submitting a service desk ticket on the Technology Service Desk portal.
We are here to support you and help keep our community safe.
Categories: Science and Technology