Breaking 18:18 Startup plans first space mirror to deliver sunlight on demand, raising scientific concerns 16:05 Google unveils major update to Google Images after 25 years 16:00 U.S. House Republicans unveil $95 billion spending blueprint for defense, election and agriculture priorities 14:59 Morocco formalizes participation in international stabilization force for Gaza 14:32 World Cup 2026 final to feature extended halftime show with global music stars 14:30 Progressive posts higher quarterly profit as auto insurance demand remains strong 13:45 U.S. cyber espionage case shines spotlight on former Kaspersky employee accused of hacking 13:41 Roscosmos and Nasa agree to extend International Space Station operations through 2030 13:05 Poll finds majority of Americans oppose military action against Iran 12:45 E. Jean Carroll receives $5.62 million following civil judgment against Donald Trump 12:16 Google AI chief calls for independent regulator to test advanced artificial intelligence systems 12:00 China rejects US sanctions plan targeting buyers of Russian oil 12:00 Historic heat wave puts nearly 100 million people under alerts across the United States 11:25 US freezes over $130 million in cryptocurrency linked to Iran 10:16 Democratic lawmakers criticize US policy toward Cuba after congressional visit 10:02 ASML includes Terafab demand in chip equipment expansion plans for 2027 and 2028 10:00 Iran–US tensions escalate as Strait of Hormuz security raises global trade concerns 09:31 Oscar-winning actress Ellen Burstyn to receive Venice Film Festival Golden Lion for lifetime achievement 09:30 Family of detained US seismologist urges China to release scientist held on espionage charges 20:45 Trump claims Iranian vessels would be barred from Strait of Hormuz transit 20:20 Rubio vows to weaken International Criminal Court amid renewed U.S. campaign 19:53 FIFA offers authenticated 2026 World Cup final pitch memorabilia for collectors 19:33 Moroccan-American referee Ismail Elfath appointed for Argentina vs. England World Cup semi-final

Scammers send phishing emails from official Microsoft address

Friday 22 May 2026 - 08:31
By: Dakir Madiha
Scammers send phishing emails from official Microsoft address

Phishing operators have exploited a vulnerability in Microsoft’s email notification systems to send fraudulent messages from a legitimate internal address used for security alerts and authentication codes. The abuse involves the address msonlineservicesteam@microsoftonline.com, which normally delivers two-factor authentication codes and account notifications to hundreds of millions of users worldwide. The misuse gives attackers a powerful way to bypass user suspicion by appearing as trusted system communication.

The attack appears to rely on creating or compromising Microsoft accounts and leveraging them to trigger automated system emails that carry fraudulent content. In some cases, attackers replicate security alerts warning of unauthorized transactions. In others, messages direct users to external links embedded in the email body. Because the messages originate from a legitimate Microsoft-controlled infrastructure, they often pass basic authentication checks and appear authentic to recipients.

Security researchers have also documented related techniques involving Microsoft’s identity management system, where attackers manipulate tenant configuration fields to inject deceptive text into automated notifications. This method can alter subject lines and message content in system-generated emails, including fake purchase confirmations or cryptocurrency-related alerts. The result is a hybrid form of phishing where legitimate infrastructure is used to generate convincing fraudulent communications at scale.

A cybersecurity monitoring group has reported that the same Microsoft notification address has been abused for months to distribute spam and phishing messages. The group has flagged the issue to Microsoft and warned that such levels of customization in automated notification systems create structural risks for abuse. Microsoft has acknowledged inquiries but has not publicly detailed corrective measures. The incident reflects a broader trend in which attackers increasingly target trusted enterprise communication systems rather than relying on external spoofed domains. Users are advised to avoid clicking links in unexpected security emails and to verify account activity directly through official platforms.


  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.