Is Microsoft flagging its own emails as phishing attempts?
Microsoft has been in hot waters when it comes to security, so it's only doing its due diligence.
- Apparently, a lot of users have been experiencing this false flagging.
- However, Microsoft has yet to release a solution.
- But, in doing so, the Redmond-based company might damage the security processes.
It seems that Microsoft flags Microsoft emails as coming from phishing accounts, in a Reddit post made by a confused user, who wondered why this happens.
If you remember, Microsoft has been in a bit of a tough space lately, especially when it comes to security. The Redmond-based tech giant has been criticized by users, for not handling the hacker Storm-0558 situation better. Back in May, Storm-0558 gained access to the email accounts of approximately 25 organizations, many of which were government institutions.
A lot of users then criticized the company, saying they are paying a subscription to protect themselves from Microsoft’s mistakes, rather than real hackers. Microsoft then announced that it will provide more cloud security at no cost, in a collaboration with CISA. The updated security should roll out in September 2023.
But either way, Microsoft’s products, especially Teams, are actively the targets of phishing scams and malware attacks. Teams, for example, is particularly affected. In 2022, 80% of Microsoft 365 accounts were hacked, and a staggering 60% of Microsoft Teams accounts were successfully hacked.
So, it’s only natural Microsoft wants to strengthen security. However, Microsoft flagging up its own emails could end up being very confusing to a lot of people.
Microsoft accounts were flagged as sending phishing emails
An email sent by Microsoft 365 was flagged as being a phishing email and it was quarantined and blocked by Microsoft Security. The detection technology said that the account was actually an impersonation of Microsoft 365, but the email is valid, and it was indeed Microsoft.
However, while this might be frustrating, a lot of users actually like that it happens. It shows that Microsoft is taking its due diligence to provide the best security experiences to customers.
I see this as a good thing. They should have to play by the same rules as everyone else, and not have special methods to bypass their own security measures. If they have a special bypass, that becomes an attack vector for someone else to exploit.
Which is a good think. Nothing should be trusted implicitly and everything can be compromised.
It seems that a lot of users have also experienced this issue, and it’s all due to the fact that Microsoft somehow uses the same algorithms a phishing account would use.
I think the real problem is, they shouldn’t be setting the “From” display field to claim to be individual users. They should have a no-reply address or something. That’s often why their notifications get marked as phishing– they’re doing the same thing phishing attacks do to impersonate users.
Have you experienced this issue? Let us know in the comments section below.