Credential Phish on Microsoft Hosted Site

Here is a phishing email seen that links to and when clicked redirects to a page hosted on These are not spoofing the Microsoft domain. They are actually hosted on servers reached through Microsoft domains.

1 thought on “Credential Phish on Microsoft Hosted Site

  1. Skyraker Beyond says:

    Just had one of our clients get this (except indicating that ‘DUO MFA’ had blocked the file and they needed to click through to the MCV.MICROSOFT.COM address.


Leave a Reply

Your email address will not be published. Required fields are marked *