Sounds like a familiar bug. Again.
https://techcrunch.com/2024/06/18/security-bug-allows-anyone-to-spoof-microsoft-employee-emails/
(Granted, it hasn’t been validated – because MSFT closed the report.)
--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/ad5d9dec0f9548dd91100545e553cdc3%40smithcons.com.
It does to me but what we experienced at a client site was this:
But, the user’s Inbox and Contacts were also harvested. ☹
I asked around but no one responded.
I have no doubt that this bug is resident in the online version given what we’ve seen with the @XYZ123.OnMicrosoft.Com e-mail blasts that hit our Proofpoint inbound spam quarantine regularly.
Philip Elder MCTS
Senior Technical Architect
Microsoft High Availability MVP
E-mail: Phili...@mpecsinc.ca
Phone: +1 (780) 458-2028
Web: www.mpecsinc.com
Blog: blog.mpecsinc.com
Twitter: Twitter.com/MPECSInc
Skype: MPECSInc.
Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7Wc7aGKYoigE%3DrAck0H2TgRCvcKj%2B1eE4HkTEba%2Bw2dg%40mail.gmail.com.