Cyber security researchers have uncovered an increase in the number of low-quality phishing scams that aim to trick users into revealing their credentials.
According to a new report from Cofense, there has been a surge in scam attempts using illegitimate and badly created Office 365 credentials update forms.
Potential victims receive an email claiming to be from their organisation’s IT team that tells them their account will expire unless they click the link and update their details.
Cofense note that the criminals behind the scam went to great lengths to appear legitimate. The phishing email originates from a compromised company email account, which allows the scam to bypass basic email security checks.
However, the forms that potential victims are directed to are often littered with grammatical and spelling mistakes.
Phishers use a wide variety of techniques to try and scam users into revealing sensitive data about themselves or the businesses they work for.