{"id":47217,"date":"2022-06-22T20:33:50","date_gmt":"2022-06-22T20:33:50","guid":{"rendered":"https:\/\/www.darkreading.com\/remote-workforce\/microsoft-office-365-users-raging-spate-attacks"},"modified":"2022-06-22T20:33:50","modified_gmt":"2022-06-22T20:33:50","slug":"microsoft-365-users-in-us-face-raging-spate-of-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/","title":{"rendered":"Microsoft 365 Users in US Face Raging Spate of Attacks"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Microsoft 365 and Outlook customers in the US are in the crosshairs of a successful credential-stealing campaign that uses voicemail-themed emails as phishing lures. The flood of malicious emails anchoring the threat is emblematic of the larger problem of securing Microsoft 365 environments, researchers say.<\/p>\n<p>According to an analysis&nbsp;from Zscaler&#8217;s ThreatLabz, a highly targeted offensive has been ongoing since May, aiming at specific verticals, including software security, the US military, security-solution providers, healthcare\/pharmaceuticals, and the manufacturing supply chain.<\/p>\n<p>The campaign has been successful in compromising swaths of&nbsp;credentials, which can be used for a variety of cybercrime endgames. These include taking over accounts in order to access documents and steal information, eavesdropping on correspondence, sending believable business email compromise (BEC) emails, implanting malware, and <a href=\"https:\/\/www.darkreading.com\/risk\/phishing-attacks-for-initial-access-surged-q1\" target=\"_blank\" rel=\"noopener\">burrowing deeper into corporate networks<\/a>. The user ID\/password combos can also be added to credential-stuffing lists in hopes that victims have made the mistake of reusing passwords for other types of accounts (such as online banking).<\/p>\n<p>&#8220;Microsoft 365 accounts are often a treasure trove of data, which can be downloaded en masse,&#8221; says Robin Bell, CISO of Egress. &#8220;Furthermore, hackers can use compromised Microsoft 365 accounts to send phishing emails to the victim\u2019s contacts, maximizing the effectiveness of their attacks.\u201d<\/p>\n<h2 class=\"regular-text\">Voicemail Phishing Attack Chain<\/h2>\n<p>From a technical perspective, the attacks follow a <a href=\"https:\/\/www.darkreading.com\/edge-threat-monitor\/ransomware-and-phishing-remain-it-s-biggest-concerns\" target=\"_blank\" rel=\"noopener\">classic phishing flow<\/a>&nbsp;\u2014 with a couple of quirks that make them more successful. <\/p>\n<p>The attacks start out with purported missed-voicemail notifications being sent via email, which contain HTML attachments. <\/p>\n<p>HTML attachments often get past email gateway filters because they aren&#8217;t in and of themselves malicious. They also don&#8217;t tend to raise red flags for users in a voicemail notification setting, since that&#8217;s how legitimate Office notifications are sent. And for added verisimilitude, the &#8220;From&#8221; fields in the emails are crafted specifically to align with the targeted organization&#8217;s name, according to a recent <a href=\"https:\/\/www.zscaler.com\/blogs\/security-research\/resurgence-voicemail-themed-phishing-attacks-targeting-key-industry\" target=\"_blank\" rel=\"noopener\">Zscaler blog post<\/a>.<\/p>\n<p>If a target clicks on the attachment, JavaScript code will redirect the victim to an attacker-controlled credential-harvesting website. Each of these URLs are custom-created to match the targeted company, according to the&nbsp;researchers. <\/p>\n<p>&#8220;For instance, when an individual in Zscaler was targeted, the URL used the following format: zscaler.zscaler.briccorp[.]com\/&lt;base64_encoded_email&gt;,&#8221; they noted in the blog post, which detailed the attacks. &#8220;It is important to note that if the URL does not contain the base64-encoded email at the end; it instead redirects the user to the Wikipedia page of MS Office or to office.com.&#8221;<\/p>\n<p>Before the mark can access the page however, a Google reCAPTCHA check pops up \u2014&nbsp;an <a href=\"https:\/\/unit42.paloaltonetworks.com\/captcha-protected-phishing\/\" target=\"_blank\" rel=\"noopener\">increasingly popular technique<\/a> for evading automated URL analysis tools. <\/p>\n<p>CAPTCHAs are familiar to most Internet users as the challenges that are used to confirm that they&#8217;re human. The Turing test-ish puzzles usually involve clicking all photos in a grid that contain a certain object, or typing in a word presented as blurred or distorted text. The idea is to weed out bots on e-commerce and online account sites \u2014&nbsp;and they serve the same purpose for crooks.<\/p>\n<p>Once the targets solve the CAPTCHAs successfully, they&#8217;re sent onto the phishing page, where they&#8217;re asked to enter their Microsoft 365 credentials \u2014&nbsp;which, of course, are promptly captured by the bad guys on the other end of the URL.<\/p>\n<p>&#8220;When faced with a login prompt that looks like a typical O365 login, the person is likely to feel comfortable entering their information without looking at the browser&#8217;s URL bar to ensure they are at the real login website,&#8221; Erich Kron, security awareness advocate with KnowBe4, tells Dark Reading. &#8220;This familiarity, and the high odds that an intended victim regularly uses O365 for something in their workday, makes this a great lure for attackers.&#8221;<\/p>\n<p>Using voicemail as a lure <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/new-office-365-phishing-scam-leaves-a-voicemail\" target=\"_blank\" rel=\"noopener\">isn&#8217;t a new technique<\/a>&nbsp;\u2014 but it&#8217;s a successful one. The current campaign is actually a resurgence of earlier activity seen in July 2020, the researchers noted, given significant overlap in the tactics, techniques, and procedures (TTPs) between the two phishing waves. <\/p>\n<p>&#8220;These attacks target human nature, manipulating their victims using techniques that play on our psychology,&#8221; Egress&#8217; Bell tells Dark Reading. &#8220;That&#8217;s why, despite investing in security awareness training, many organizations still fall victim to phishing. In addition to this, threat actors are crafting increasingly sophisticated, highly convincing attacks that many people simply can\u2019t distinguish from the &#8216;real thing.&#8217; This is exacerbated by the increasing use of mobile devices, as users often can\u2019t see details like the sender\u2019s real information.&#8221;<\/p>\n<h2 class=\"regular-text\">Microsoft 365 Continues to Be a Popular Target<\/h2>\n<p>The cloud version of Microsoft&#8217;s productivity suite, formerly known as Office365 or O365 and&nbsp;renamed Microsoft 365 by the company, is used by more than 1 million companies and more than&nbsp;250 million users. As such, it acts as a siren song to cybercrooks.<\/p>\n<p>According to a 2022 Egress report, &#8220;<a href=\"https:\/\/www.egress.com\/newsroom\/threats-exploiting-employees-a-concern-for-microsoft-365-users\" target=\"_blank\" rel=\"noopener\">Fighting Phishing: The IT Leader\u2019s View<\/a>,&#8221; 85% of organizations using Microsoft 365 reported being victims of phishing during the last 12 months, with 40% of organizations falling victim to credential theft.<\/p>\n<p>&#8220;Microsoft O365 and Outlook are used by an estimated 1 million companies, so there\u2019s a good chance that their victim, and the victim&#8217;s organization, use these services,&#8221; Bell says. &#8220;With such a high volume of accounts, the hackers have a better chance of reaching targets with a low level of tech awareness, who are more likely to fall for an attack.&#8221;<\/p>\n<p>Microsoft 365 phishes also are popular attack vectors because the blend in with normal workday activities, Kron notes. <\/p>\n<p>&#8220;We spend a lot of our workday in a near autopilot mode, doing repeated tasks almost automatically, as long as the tasks are expected,&#8221; he explains. &#8220;It\u2019s only when something unexpected occurs that people tend to take notice and apply critical thinking. For many of us, the action of logging in to an O365 portal is not unusual enough to raise our suspicions. Many times, when people log in to these fake portals, the credential stealing software invisibly forwards the information to the legitimate login portal resulting in a successful login, and the victim is never aware that they were tricked.\u201d<\/p>\n<h2 class=\"regular-text\">How CISOs Can Defend Against Social Engineering<\/h2>\n<p>There are significant challenges for CISOs in shutting down this type of threat vector, researchers say,&nbsp;mainly due to the fact that it&#8217;s impossible to patch human nature. That said, <a href=\"https:\/\/www.darkreading.com\/regular-user-training-most-effective-security-antidote\/v\/d-id\/1335613\" target=\"_blank\" rel=\"noopener\">user training<\/a> to encourage employees to perform basic protections, like checking the URL before logging in, can go a long way.<\/p>\n<p>&#8220;We have to face the fact that social-engineering attacks, which include phishing, vishing, and smishing, are here to stay,&#8221; says Kron. &#8220;Phishing has been prevalent almost since email began, and the damage done and losses sustained are simply too high to ignore, while hoping for the best. CISOs need to understand these risks, and employees need to understand that in our modern world where everyone uses computers and processes information in some way, cybersecurity is a part of everyone\u2019s job, and will be for the foreseeable future.\u201d<\/p>\n<p>Beyond this basic best practice, CISOs should also take <a href=\"https:\/\/www.darkreading.com\/endpoint\/how-to-better-secure-your-microsoft-365-environment\" target=\"_blank\" rel=\"noopener\">back-end technology steps<\/a> to fill in for when people make mistakes, as they inevitably will. And this should go beyond standard secure email gateway filters, according to Bell.<\/p>\n<p>&#8220;To truly mitigate the risk, organizations need the right technology,&#8221; she advises. &#8220;CISOs need to evaluate their security stack, ensuring that they are augmenting their email platforms with additional layers of protection to ensure that their people and data are protected. Technology should partner with employees to help them to identify even the most sophisticated attacks, ensuring that credentials and email accounts cannot be compromised by threat actors.\u201d<\/p>\n<p>Kron recommends a commonsense defense approach that combines both technology and training.<\/p>\n<p>&#8220;For CISOs that do not recognize this and attempt to counter these attacks with purely technical tools, the odds of success are quite low,&#8221; he says. &#8220;For CISOs that understand that these attacks are exploiting human vulnerabilities and deploy a mix of technical controls as well as tackling the human issue through education and training, the results are often much better.&#8221;<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/remote-workforce\/microsoft-office-365-users-raging-spate-attacks\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes.Read More <a href=\"https:\/\/www.darkreading.com\/remote-workforce\/microsoft-office-365-users-raging-spate-attacks\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-47217","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft 365 Users in US Face Raging Spate of Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft 365 Users in US Face Raging Spate of Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-22T20:33:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft 365 Users in US Face Raging Spate of Attacks\",\"datePublished\":\"2022-06-22T20:33:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/\"},\"wordCount\":1366,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt346e8ac4c3f482a2\\\/6296773dbd3c176ee20080c9\\\/msoffice_Wachiwit_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/\",\"name\":\"Microsoft 365 Users in US Face Raging Spate of Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt346e8ac4c3f482a2\\\/6296773dbd3c176ee20080c9\\\/msoffice_Wachiwit_shutterstock.jpg\",\"datePublished\":\"2022-06-22T20:33:50+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt346e8ac4c3f482a2\\\/6296773dbd3c176ee20080c9\\\/msoffice_Wachiwit_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt346e8ac4c3f482a2\\\/6296773dbd3c176ee20080c9\\\/msoffice_Wachiwit_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-users-in-us-face-raging-spate-of-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft 365 Users in US Face Raging Spate of Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft 365 Users in US Face Raging Spate of Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft 365 Users in US Face Raging Spate of Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-06-22T20:33:50+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft 365 Users in US Face Raging Spate of Attacks","datePublished":"2022-06-22T20:33:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/"},"wordCount":1366,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/","name":"Microsoft 365 Users in US Face Raging Spate of Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg","datePublished":"2022-06-22T20:33:50+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt346e8ac4c3f482a2\/6296773dbd3c176ee20080c9\/msoffice_Wachiwit_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-users-in-us-face-raging-spate-of-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft 365 Users in US Face Raging Spate of Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47217","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47217"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47217\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47217"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47217"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47217"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}