Security Firm Warns of Current Microsoft Forms Phishing Attacks -- Redmondmag.com

Security Firm Warns of Current Microsoft Forms Phishing Attacks

By Chris Paoli
07/29/2024

Israel-based security firm Perception Point has uncovered an increase in phishing activity using Microsoft Office Forms to execute a two-step phishing attack.

The company said that Forms, which is Microsoft's free marketing tool for creating quizzes, online surveys and questionnaires, malicious campaigns that begin with targeted victims receiving a malicious email that directs them to what looks like a legitimate Microsoft Form.
These forms, which appear legitimate, contain links that lead to a fake login page mimicking a Microsoft 365 or Adobe account page. Once sent, the attackers then engage in an "external account takeover," to launch the two-step phishing attack.

"In a two-step phishing attack, the attacker first gains access to a legitimate email account and sends targeted emails from this compromised account," wrote Perception Point. "These messages appear trustworthy, prompting recipients to click on a link that leads to a legitimate website. This is the first step, where the attacker uses the high reputation of legitimate sites like Office Forms, Canva, and many others to evade detection."
The second phase then is activated once the user clicks on the link, redirecting them to a malicious page in the goal of targeted victims sharing their Microsoft 365 credentials. What makes this attack so devious is that the redirect URL uses the front facing legitimate URL https://forms.office.com to trick users into clicking.

According to Perception Point, it has seen a dramatic increase in these attacks in the month of July:

**[Click on image for larger view.]** *Figure 1.* The spike in phishing incidents in Microsoft's Forms. *Courtesy of Perception Point.*

While Perception Point offers solutions to mitigate the risk of phishing attacks through Forms and other Microsoft 365 services, Microsoft has what it calls "proactive phishing prevention" built into Forms. The company has an automated machine reviews feature in Forms that detect and flag password collection through surveys and forms. It also has a feature baked in where users can manually flag possible suspicious phishing attempts inside Forms.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

New Features Added to Microsoft's Ph-3 Small Language Models

Microsoft is providing users of its Phi-3 small language models new customization options for its data.
Windows 11 Device Charging Confusion

Is your Windows 11 machine not charging all the way? That's not a bug, it's a feature.
Microsoft 365 and Azure Suffer Widespread Outages

Many of Microsoft's online and cloud services were unavailable on Tuesday morning due to what appears to be a widespread outage, which began a little before 5 a.m. PST.
Microsoft Updates AI Capabilities in Bing

Microsoft has unveiled a generative AI-powered search experience for Bing, aiming to deliver more dynamic and detailed responses to user queries.
Security Firm Warns of Current Microsoft Forms Phishing Attacks

Israel-based security firm Perception Point has uncovered an increase in phishing activity using Microsoft Office Forms to execute a two-step phishing attack.