Microsoft Request Verification Scam Dangles Fake Document

A new scam is being circulated online, attempting to phish out victim credentials.

The new scam is very simple in its design. Victims receive an email that claims it contains a link to a Microsoft Word document hosted on OneDrive.

The document will have a name that is meant to create a sense of urgency. At least some of the malicious scam emails had a file containing "ORDER" in its name, implying an important business-related document.

The victim is expected to click a button labeled "Verify Your Identity". Doing this will open a malicious page that will attempt to harvest the user's Microsoft credentials, misleading the victim to think they are logging into a legitimate OneDrive page. Any information you enter on the fake login page will be stolen and likely used to take over your account.

The full text of the scam goes as follows:

Subject: RE:ORDER 11-28-2022


Request Verification

You've received a secure link to:

RE:ORDER 11-28-2022

By clicking Verify your identity you allow -

to use your email address in accordance with their privacy statement.

2022 Microsoft Privacy & Cookies

November 30, 2022