  • No, Microsoft doesn't have dirt on you, it's just a sextortion scam

    Karlston

    • 1 comment
    • 440 views
    • 3 minutes

    Hackers are pulling a clever trick with the Microsoft 365 Admin Portal to send sextortion emails that sneak past spam filters and land directly in your inbox. These scams use the Microsoft 365 Message Center—a tool designed for legitimate updates about services and features. Instead of sending real updates, cybercriminals are abusing its "Share" feature to push their scam messages, making them look like they came straight from Microsoft.

     

    Here’s the deal: these emails claim your device was hacked and that they’ve got dirt on you—like videos or images of you in compromising situations. The scammers then demand payment in Bitcoin, threatening to share the supposed material if you don’t pay up. It’s a bold move, and the use of a legitimate Microsoft email address makes it seem even more real.

     

    What makes these emails especially dangerous is how they manage to bypass email security systems. Normally, these scams would be flagged by filters, but because they are sent from a trusted Microsoft address, "[email protected]," they get through unnoticed.

     

    Apparently, these scammers are abusing the "Personal Message" field in the Microsoft 365 Message Center’s "Share" option, which is designed to add a short note when sharing an advisory. Normally, this field is capped at 1,000 characters, but attackers have figured out a way around it. By using browser developer tools, they tweak the maxlength attribute in the HTML textarea element to allow longer messages. This lets them include their full sextortion text in the email without truncation.

     

    [Image: a screenshot of the textarea element being edited to increase the maximum length. Credit: Bleeping Computer]

    It’s downright embarrassing for Microsoft that this works because the first rule in cybersecurity is "Never trust user input." This principle, often phrased as "Never trust what comes from the browser," emphasizes that client-side validations (like the character limit) are unreliable. Without server-side checks to enforce these restrictions, the email system blindly processes and sends the altered message.

     

    Although this technique has allowed scammers to bypass filters, it is important for users to recognize these emails for what they are: scams. Bleeping Computer says that Microsoft has acknowledged the issue and is investigating the abuse, but as of now, the server-side checks to prevent such messages haven't been added.

     

    A copy of one such scam email was posted on the Microsoft Answers forum, where a user shared the disturbing content. The email included bizarre arrow symbols and detailed information about the recipient, including their birthdate, to make it seem more authentic. It threatened to share compromising footage unless a Bitcoin payment was made within 48 hours.

     

    Sextortion emails are nothing new, but they're getting way nastier and more advanced. A big chunk of these scams is driven by groups like the infamous "Yahoo Boys" from West Africa, who’ve turned this into a full-blown operation. They’ve been sharing how-to guides on platforms like TikTok and YouTube, targeting teens and young adults on apps like Instagram and Snapchat.

     

    Source


    Hope you enjoyed this news post.

    Thank you for appreciating my time and effort posting news every day for many years.

    2023: Over 5,800 news posts | 2024 (till end of October): 4,832 news posts

    RIP Matrix | Farewell my friend  :sadbye:
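
The server-side check that the article says is missing can be sketched as follows. This is an added example, not code from Microsoft or from the original article; the function and field names are hypothetical, and only the 1,000-character cap comes from the text above.

```javascript
// Hypothetical server-side validator for the Share form's "Personal Message".
// Only the 1,000-character cap is taken from the article.
const MAX_PERSONAL_MESSAGE = 1000;

function validatePersonalMessage(body) {
  const msg = body == null ? undefined : body.personalMessage;
  // The note is optional; an absent value is accepted as empty.
  if (msg === undefined || msg === null) {
    return { ok: true, status: 200, message: "" };
  }
  // Anything other than a string cannot come from the unmodified form.
  if (typeof msg !== "string") {
    return { ok: false, status: 400, error: "personalMessage must be a string" };
  }
  // Browsers apply maxlength to the textarea value with each line break
  // counted as one LF, in UTF-16 code units. Form submission sends CRLF, so
  // normalize first; otherwise a legitimate full-length note is rejected.
  const normalized = msg.replace(/\r\n?/g, "\n");
  if (normalized.length > MAX_PERSONAL_MESSAGE) {
    // Reject rather than truncate: the client-side limit was bypassed, and
    // the oversized request should be refused and recorded, not repaired.
    return {
      ok: false,
      status: 422,
      error: `personalMessage exceeds ${MAX_PERSONAL_MESSAGE} characters`,
      length: normalized.length,
    };
  }
  return { ok: true, status: 200, message: normalized };
}

// Constructed sample requests (not captured traffic).
const samples = {
  shortNote: { personalMessage: "FYI, see this advisory.\r\nThanks" },
  exactlyAtCap: { personalMessage: "a".repeat(998) + "\r\n" + "b" },
  editedMaxlength: { personalMessage: "x".repeat(4000) },
  wrongType: { personalMessage: ["not", "a", "string"] },
};

function runSamples() {
  const out = {};
  for (const [name, body] of Object.entries(samples)) {
    out[name] = validatePersonalMessage(body).status;
  }
  return out;
}

console.log(runSamples());
```

The `exactlyAtCap` sample is 1,001 characters on the wire because of the CRLF, yet it is accepted, since the browser would have counted it as 1,000.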


    User Feedback

    Recommended Comments

    Are you ABSOLUTELY SURE about that?  We already know Nadella and his Empowered (TM) minions have an abnormal fixation on telemetry.  This just adds to the suspicion of dirty dealings his lack of leadership permits to go on in the company he is systematically running into the ground.




