Posted by & filed under Blog.

Office 365

Office 365 is currently used by 1.2 Billion people. It is now the major source for desktop software licenses, exchange email hosting, and also cloud based Office software. It is a behemoth, and a fantastic platform. That is, unless you fat-finger the web address to the login site!

 

The main website to log into your office 365 account to access software/email, is http://portal.office.com. I was trying to log into a new clients account that I am actively migrating, and I quickly mistyped the URL. I typed http://portal.ofice.com (notice how there is only 1 ‘f’), and instantly was sent to a website that was trying to install a virus on my computer. The next time I went to it, it was a phishing scam sign-in page(looked identical to O365’s Portal sign-in page). See the screengrab below to see the virus page.

offic365-phishing-scam

After multiple visits to the site, it appears to utilize a round-robin effect and brings you to different sites. So far I have witnessed the following sites: Phishing scam login for Office 365, Amazon.com and a search for ‘office products’, a site with links to purchase MS Office online, and the virus page. After about 10 different round-robins, now I only see the purchase MS office online page. The scariest one of all is the phishing scam to steal your login credentials. Once they have your account, they have access to all your emails. With that, they can even reset your bank account password, and then transfer all your money to their accounts!

 

Stay safe my friends, and don’t get caught in a phishing scam! Always double check the URL bar to make sure you are signing into the website you want.