Copilot Phishing: New Scam Targets Microsoft Users

Summary: A phishing campaign is exploiting Microsoft Copilot’s branding to trick employees into revealing their credentials. Attackers are sending emails that resemble legitimate Microsoft communications, complete with fake invoices and phishing pages mimicking a Microsoft Copilot interface. The deception lets cybercriminals capture sensitive login information, and a fake multi-factor authentication prompt shown after login gives them time to exploit the compromised account.

Affected: Microsoft Copilot users and organizations utilizing Microsoft services

Key points:

  • Phishing emails appear to come from “Co-pilot” with fake invoice alerts.
  • Links redirect users to a convincing phishing page masquerading as a Microsoft Copilot welcome interface.
  • Discrepancies in the phishing page, like the absence of a password reset option, reveal its fraudulent nature.
  • After login, victims face a fake MFA prompt, giving attackers time to exploit the compromised account.

Source: https://securityonline.info/copilot-phishing-new-scam-targets-microsoft-users/