Microsoft is facing new cybersecurity concerns as the company's internal notification email system has been exploited by scammers to spread spam and fake links to users for months.
According to several cybersecurity experts, the emails are sent from the address "msonlineservicesteam@microsoftonline.com", the account Microsoft uses to send two-factor authentication codes, security warnings and other important account notifications.
What makes the case serious is that the fake emails closely resemble Microsoft's genuine notifications.
Some of the fake emails carry subject lines warning of unusual transactions or of accounts showing signs of compromise, in order to alarm users into clicking the embedded link.
Others tell recipients that they have "private messages" or ask them to verify account information, to lure them onto fraudulent websites.
The links typically lead to fraudulent websites that steal personal data or login credentials, or that distribute malware.
It is not yet clear how the fraud group exploited Microsoft's system. However, several sources suggest the attackers may have created a new Microsoft account as a legitimate customer and then abused that access to push messages out through the company's automated notification system.
Spamhaus, a non-profit organization specializing in tracking, detecting and preventing spam and online scams, said it has been observing the activity for "a few months now".
According to Spamhaus, an automated notification system should not allow content to be customized to the extent that it can be exploited to spread spam or scams.
The organization also confirmed that it had notified Microsoft of the incident. However, so far the US technology company has neither commented in detail nor confirmed that the vulnerability has been fully fixed.
The case illustrates an increasingly sophisticated trend in cybercrime: abusing the infrastructure of large companies to carry out fraud. When emails come from official addresses, users are more inclined to trust them, and spam filters also struggle to spot anything abnormal.
This is not the first time the systems of technology businesses have been exploited in this way. At the beginning of this year, the financial platform was exploited by hackers to send notifications spreading cryptocurrency scams.
Earlier, in 2023, domain-name providers' email accounts were likewise exploited to send fake messages aimed at stealing users' login information.
Many commenters on social networks say that a similar situation occurs not only with Microsoft but also in emails from some other companies, suggesting this may be a broader problem related to authentication mechanisms and the management of automated email systems.
Security experts advise users not to be quick to trust emails sent in the name of large companies, even when the sender's address appears legitimate.
Users should carefully check the domain of any link, avoid clicking unfamiliar links directly, and enable two-factor authentication to strengthen their account security.
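The advice above points at the one signal that survives this kind of abuse: the sender address is genuine, so it proves nothing, but the link destinations are attacker-controlled. The following Python script is an added illustration written for this article, not code from Microsoft, Spamhaus or any filter vendor. It parses a raw email, and for messages from the notification sender named in the article it flags every link whose registered domain is not on an allowlist of domains a genuine notification would point to. The allowlist and both sample messages are constructed for the example.

```python
import re
from email import message_from_string
from email.message import Message
from urllib.parse import urlparse

# Sender address named in the article: mail from it really is sent by
# Microsoft's notification system, so the address alone proves nothing.
WATCHED_SENDER = "msonlineservicesteam@microsoftonline.com"

# Constructed allowlist of domains a genuine account notification is expected
# to link to. In practice this list is built from observed legitimate mail.
EXPECTED_LINK_DOMAINS = {"microsoft.com", "microsoftonline.com", "live.com", "office.com"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def registered_domain(host: str) -> str:
    """Last two DNS labels of a hostname, e.g. 'account.microsoft.com' -> 'microsoft.com'.

    Deliberately simple: it does not consult the public-suffix list, so
    multi-label suffixes such as 'co.uk' would need special handling.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def extract_urls(msg: Message) -> list[str]:
    """Collect http(s) URLs from every text part of the message."""
    urls: list[str] = []
    for part in msg.walk():
        if part.get_content_type() not in ("text/plain", "text/html"):
            continue
        payload = part.get_payload(decode=True)
        if not payload:
            continue
        text = payload.decode(part.get_content_charset() or "utf-8", "replace")
        # strip sentence punctuation that the regex may have swallowed
        urls.extend(u.rstrip(".,;:)") for u in URL_RE.findall(text))
    return urls


def suspicious_links(raw_message: str) -> list[str]:
    """Return the links in a message from the watched sender whose registered
    domain is not on the allowlist. An empty list means nothing was flagged."""
    msg = message_from_string(raw_message)
    sender = (msg.get("From") or "").lower()
    if WATCHED_SENDER not in sender:
        return []  # this rule only applies to the abused notification sender
    flagged = []
    for url in extract_urls(msg):
        host = urlparse(url).hostname or ""
        if registered_domain(host) not in EXPECTED_LINK_DOMAINS:
            flagged.append(url)
    return flagged


# Constructed sample messages (not real captures).
LURE_MESSAGE = """\
From: Microsoft account team <msonlineservicesteam@microsoftonline.com>
To: user@example.org
Subject: Unusual activity detected on your account
Content-Type: text/plain; charset=utf-8

We noticed an unusual transaction on your account.
Review it now: https://secure-account-check.example-lure.net/verify
Help: https://account.microsoft.com/security
"""

GENUINE_MESSAGE = """\
From: Microsoft account team <msonlineservicesteam@microsoftonline.com>
To: user@example.org
Subject: Your security code
Content-Type: text/plain; charset=utf-8

Your code is 123456. Manage your account at https://account.microsoft.com/security.
"""

if __name__ == "__main__":
    print("lure:", suspicious_links(LURE_MESSAGE))
    print("genuine:", suspicious_links(GENUINE_MESSAGE))
```

Run stand-alone it flags the lure's `example-lure.net` link and leaves the genuine code message alone. The check is intentionally narrow: it keys on a sender whose messages normally carry only a fixed set of link domains, which is exactly the property a notification system that allows user-controlled content breaks. A production filter would also consult the public-suffix list instead of the two-label shortcut and would decode HTML entities before extracting links.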