
New Microsoft 365 Copilot scam in your inbox



Happy Friday

I was having a chat with a client earlier this week. He mentioned that he had noticed that their bill from Microsoft had gone up by a few dollars per user. Why? 


Well, in January, Microsoft decided to re-brand from Microsoft 365 (Office) to Microsoft 365 Copilot on web, mobile and Windows apps. The "upgrade" seemed sneaky to a lot of us in the IT space. The consensus is that Microsoft wasn't getting takers for their Copilot offering at $30 per user per month, so they decided to include a version of it with their desktop apps, and just do the price hike across the board.

Unfortunately, this change has opened up a whole new opportunity for scammers. They're taking advantage of user confusion during the transition. Your fellow employees may not be aware of any financial obligations for Copilot. Do they have to pay for it? Is the company providing it to them at no charge? You can see how an email claiming to be from "Copilot" that's prodding a user to "activate their account" might seem legitimate.

What we're seeing in the wild are emails from "Microsoft Co-Pilot" either with an attached PDF (carrying a malicious payload) or with a malicious link that takes you to a (fake) "Microsoft" login page. I think we all know what happens next: the victim enters their username, password and two-factor code, and the account is now owned by the criminal. The next thing you know, spam emails are going out to every email address that user has ever sent an email to, or received an email from, thus repeating the scam.

The Takeaway

This one is simple: use those skills of fake email identification so you don't fall for these new Copilot scams.

1) Check that sender email address.

The emails we've been seeing are sent from someone else's compromised mailbox account, not from Microsoft. Big red flag right there.

2) Check that attachment.

Unless you're expecting an attachment from that specific sender, don't open it. When in doubt, reach out to the sender the old-fashioned way (gasp!) by phone or a face-to-face conversation.

Microsoft Copilot is a relatively new product, so there will undoubtedly be many scams to come using it as a lure. Use common sense, spot those red flags and share this email with those you think might become a victim.

Stay safe out there.

-Attila

PS. If you want to hear more about scams and other IT security topics, all for free, check out our Cyber Secured Podcast series on Apple Podcasts, Spotify, YouTube Podcasts or any other place you listen to podcasts (we're on all of them).
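For mail administrators, the two checks above can also be run automatically over a raw message. The following is an added example, not part of the original newsletter; the trusted-domain list, the flag labels and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the domains this organisation accepts as genuine Microsoft senders.
TRUSTED = {"microsoft.com"}
BRAND = re.compile(r"microsoft|co-?pilot", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_trusted(host):
    # Exact match or a real subdomain; look-alikes such as
    # "microsoft.com.example.net" do not pass.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def red_flags(raw):
    # Return the red flags found in one raw RFC 5322 message.
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    # Check 1: only mail that claims the brand from an outside mailbox is in scope.
    if not BRAND.search(display) or is_trusted(addr.rpartition("@")[2]):
        return []
    flags = ["sender:" + addr.lower()]
    for part in msg.walk():
        ctype = part.get_content_type()
        name = (part.get_filename() or "").lower()
        # Check 2: an unexpected PDF, or a link that leaves the trusted domains.
        if ctype == "application/pdf" or name.endswith(".pdf"):
            flags.append("pdf:" + name)
        elif ctype in ("text/plain", "text/html"):
            text = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
            for url in URL.findall(text):
                if not is_trusted(urlsplit(url).hostname):
                    flags.append("link:" + url)
    return flags

# Constructed sample message (not a real capture).
SAMPLE = """\
From: "Microsoft Co-Pilot" <jane@example.org>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Activate here: https://login.example.net/copilot
--b1
Content-Type: application/pdf; name="Copilot-Activation.pdf"

(constructed placeholder body)
--b1--
"""
```

A display name is free text chosen by the sender, so the check keys on the mailbox domain behind it rather than on the name shown in the inbox.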


 

New Friday Funnies

 

What do you call a scam artist who is walking down a flight of stairs? Condescending



What scam do cats always fall for? Fishing links

