Scammers Use Microsoft 365 to Send Sextortion Emails
/ 1 min read
Scammers exploit Microsoft 365 Admin Portal to send sextortion emails. Cybercriminals are using the Microsoft 365 Message Center to deliver sextortion emails that appear legitimate, bypassing traditional spam filters. These emails falsely claim that the recipient’s device has been hacked and demand payments ranging from $500 to $5,000 to prevent the release of compromising images. The scammers manipulate the “Personal Message” feature in the Message Center to send lengthy extortion messages, taking advantage of a lack of server-side character checks. Microsoft is aware of the issue and is investigating the malicious activity. Users are advised to recognize these emails as scams and to avoid engaging with them or sending any payments.