14 DAY TRIAL // Cybercriminals have deployed a new malicious campaign that aims at collecting the login data for the Microsoft account of unsuspecting users.
The email purports to be from Microsoft and alerts the user that their email account has reached the maximum number of messages sent and received. In order to be able to use the email service again, all they have to do is follow a link and verify the account.
Clicking on the link leads to a phishing page for Microsoft Hotmail, according to OTA, and once the login details are entered, they are automatically collected by the crooks.
The risk is significant for users of Microsoft services because these credentials are part of the Microsoft account and allow access to other products of the Redmond company, such as Outlook.com, OneDrive, Windows Phone, or Xbox LIVE.
Anyone who knows how the web email services work can easily spot the scam, because there is no such thing as a limit to the amount of messages exchanged.
To make the message seem authentic, the cybercriminals inserted the email address of the potential victim in the malicious link.
Any user that has fallen into this trap is advised to immediately proceed to change their password.