How to Prevent a Microsoft Forms Phishing Attack

    How to Prevent a Microsoft Forms Phishing Attack
    Shutterstock

    Phishing attacks are leveraging online surveys created with Microsoft Excel and Forms. As such, it’s best practice to be cautious when dealing with unsolicited links to forms.office.com or onedrive.live.com. Although these are official Microsoft websites, they are (of no fault of Microsoft’s) being utilized in these attacks.

    How the Attack Works

    Cybercriminals are using the survey creation tool in Microsoft Office Excel and Forms as a tool to deliver phishing attacks. Below are some examples.

    How to Prevent a Microsoft Forms Phishing Attack_HR Survey Phishing_20230123
    HR survey phishing attack

    The survey link in the HR email above leads to a phishing form hosted on Microsoft OneDrive.

    How to Prevent a Microsoft Forms Phishing Attack_Fake Survey Page_20230123

    Notice how the formatting of the word “Password” is unusual. It’s done this way to avoid automatic detection by web scanners.

    How to Prevent a Microsoft Forms Phishing Attack_Voicemail Phishing_20230123
    Fake voicemail phishing scam

    In the example above, the email claims the receiver has a voicemail message. However, when the link to the message is clicked, it leads to a phishing survey.

    Such emails will often say the receiver has mailbox sync issues, unread emails, new voicemails, or unpaid invoices. However, attackers are always coming up with new deception tactics.

    Why It’s Successful

    Scammers use Microsoft Excel and Forms for this scam for a variety of reasons.

    1. Because the links will always start with either forms.office.com or onedrive.live.com (both legitimate Microsoft URLs) a lot of people won’t question the forms’ trustworthiness.
    2. Due to the URLs being genuine, many potential victims may let their guard down.
    3. Automatic security filters may not successfully detect such emails/links as malicious because the URLs lead to legitimate Microsoft websites.

    How to Protect Yourself

    Although Microsoft has practices and policies in place to detect and thwart such phishing scams, there are things you should do to protect yourself and others against these scams, too.

    • Beware of suspicious email addresses — especially ones sent from email providers such as Gmail or Outlook.
    • Never enter sensitive information, such as your password, into online forms or surveys.
    • If you see a suspicious survey that you believe may be a phishing attack in disguise, click “Report abuse” at the bottom of the survey and follow the on-screen prompts to report it as malicious.
    How to Prevent a Microsoft Forms Phishing Attack_Report Abuse_20230123
    • Never click on links or attachments from unknown sources. Use Trend Micro Check to surf the web safely (it’s free!).
    • Add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:
    Post a comment

    Your email address won't be shown publicly.

    0 Comments