devtake.dev
AI Security Hardware Open Source Policy Apple

#entra-id

RSS
Related: #credential-theft · 1 #dmarc · 1 #email-security · 1 #microsoft · 1 #phishing · 1 #security · 1 #spamhaus · 1
The Microsoft corporate logo, the brand the scam emails are spoofing through Microsoft's own legitimate notification infrastructure.
Security·

Scammers turned a Microsoft notification address into a spam relay. The emails pass SPF, DKIM, and DMARC.

Spammers found a Tenant Name injection in Entra ID that pushes fraud text into Microsoft's own OTP emails. The from-line reads msonlineservicesteam@microsoftonline.com.