© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Microsoft corporate emails easily spoofed due to bug

Due to a security bug, anybody can impersonate Microsoft corporate email accounts, making phishing messages credible and persuasive.

Vsevolod Kokorin, a security researcher at SolidLab, says on X he discovered a vulnerability that allows users to send malicious messages from any corporate domain to Outlook accounts. The bug, for example, enables people to pretend they are an employee working for the Redmond-based tech company.

It’s a dangerous bug, because scammers can use it to send phishing emails with malicious attachments or malignant URLs to unsuspecting victims. And since the message comes from a Microsoft corporate email account, no red flags are raised, making the scam convincing.

Kokorin, also known as ‘slonsor’, warned Microsoft for the vulnerability. The only response he got from Microsoft’s security team was that they couldn’t reproduce the bug. Next, he sent a video with a detailed explanation, including a proof of concept of the exploitation. Yet again Microsoft told him they couldn’t reproduce the vulnerability.

“At this point, I decided to stop communication with Microsoft,” Kokorin says.

Researcher not giving away any technical details

He then chose to contact TechCrunch instead. In an online chat, Kokorin said he believes that Microsoft has reopened the case after he posted it on X.

“Many people misunderstood me and think that I want money or something like that. In reality, I just want companies not to ignore researchers and to be more friendly when you try to help them,” Kokorin states.

The security researcher doesn’t share any technical details about the vulnerability, because he doesn’t want scammers to use the bug for illegal purposes.

It’s unknown whether the vulnerability has been exploited by scammers or not. TechCrunch approached Microsoft with a request for comment, but no spokesperson was available.

Leave a Reply

Your email address will not be published. Required fields are marked