Breaking 19:15 Trump announces renewed maritime blockade against Iran amid Strait of Hormuz tensions 19:00 NASA seeks four volunteers for year-long Mars mission simulation 17:30 States challenge Paramount’s $110 billion Warner Bros. Discovery takeover in major antitrust lawsuit 17:15 Bosch launches sample production at first U.S. semiconductor plant to strengthen domestic chip supply 14:30 Williams secures $5.3 billion investment from Blackstone-led consortium for power projects 13:45 Iraqi Prime Minister Ali al-Zaidi seeks major US energy investment during Washington visit 12:31 Jay-Z concert delayed in New York after ticketless fans disrupt Yankee Stadium event 12:00 Wall Street banks accelerate AI assistant adoption in race for productivity gains 11:47 US Military Reveals First Combat Use of New Unmanned Weapons in Strikes on Iran 11:30 US Ebola patient infected in Congo transferred to specialized hospital in Germany 10:56 Morrisons explores £600 million property deal with US investor Realty Income, Sky News reports 10:41 US dollar gains as Middle East tensions fuel inflation concerns 09:00 UN chief urges US and Iran to end renewed hostilities and resume diplomacy 08:35 U.S. military says Strait of Hormuz remains open despite rising tensions with Iran 08:30 France’s World Cup journey links Boston and Dallas, two cities tied to John F. Kennedy’s legacy 08:18 Support grows in U.S. Congress for bill seeking terrorist designation of Polisario Front 07:31 Stellantis reports 10% rise in second-quarter vehicle shipments driven by North American demand

Scammers send phishing emails from official Microsoft address

Friday 22 May 2026 - 08:31
By: Dakir Madiha
Scammers send phishing emails from official Microsoft address

Phishing operators have exploited a vulnerability in Microsoft’s email notification systems to send fraudulent messages from a legitimate internal address used for security alerts and authentication codes. The abuse involves the address msonlineservicesteam@microsoftonline.com, which normally delivers two-factor authentication codes and account notifications to hundreds of millions of users worldwide. The misuse gives attackers a powerful way to bypass user suspicion by appearing as trusted system communication.

The attack appears to rely on creating or compromising Microsoft accounts and leveraging them to trigger automated system emails that carry fraudulent content. In some cases, attackers replicate security alerts warning of unauthorized transactions. In others, messages direct users to external links embedded in the email body. Because the messages originate from a legitimate Microsoft-controlled infrastructure, they often pass basic authentication checks and appear authentic to recipients.

Security researchers have also documented related techniques involving Microsoft’s identity management system, where attackers manipulate tenant configuration fields to inject deceptive text into automated notifications. This method can alter subject lines and message content in system-generated emails, including fake purchase confirmations or cryptocurrency-related alerts. The result is a hybrid form of phishing where legitimate infrastructure is used to generate convincing fraudulent communications at scale.

A cybersecurity monitoring group has reported that the same Microsoft notification address has been abused for months to distribute spam and phishing messages. The group has flagged the issue to Microsoft and warned that such levels of customization in automated notification systems create structural risks for abuse. Microsoft has acknowledged inquiries but has not publicly detailed corrective measures. The incident reflects a broader trend in which attackers increasingly target trusted enterprise communication systems rather than relying on external spoofed domains. Users are advised to avoid clicking links in unexpected security emails and to verify account activity directly through official platforms.


  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.