Microsoft, the software giant, has time and again been exposed to cybercrime activities. It’s one of the top picks among phishing actors. The immense popularity of Microsoft across professional and personal setups makes it an absolute favorite among threat actors.

Over the past few years, Microsoft 365 has undergone multiple phishing attacks. Between 2019 and 2022, there has been a spike of 38% in Cybercrime-as-a-Service incidents, thereby targeting work emails

 

The Greatness Phishing Kit- The New Kid in the Block!

A notorious threat actor called Fisherstell came up with the Greatness Phishing Kit back in 2022. However, it grabbed the attention of cybersecurity experts only around December 2023. This phishing kit is being used extensively by threat actors to attack Microsoft 365 accounts. The kit is quite easy to use and does not involve a steep learning curve.

There’s this dedicated Telegram account for Greatness Phishing Kit, which shares actionable details about the phishing kit. The ease of operation and readily available hacks and tricks make the phishing kit all the more lucrative among threat actors.

 

The Anatomy of a Phishing Kit

Image sourced from aon.com

 

The kit comes with truckloads of features such as customization, engagement metrics, QR codes, and so on. Besides, the kit comes equipped with systems to evade cybersecurity detection technology. That’s exactly why the kit is increasingly being used to break into Microsoft accounts. 

Threat actors are paying as much as $120 to use this phishing kit to scam users.

 

Here’s How to Identify a Microsoft 365 Greatness Kit Scam!

Keep these few things in mind if you don’t want to end up being scammed by some petty phishing actor!

  • Avoid opening emails that have HTML attachments, executables, archives, etc.
  • Never scan any QR code inside an email.
  • Delete the email immediately if you sense any kind of urgency in the content.
  • Go through each and every statement of an email that comes from any kind of official institution, such as brands, banks, firms, etc. Identity theft is highly prevalent nowadays, thanks to easily accessible tools like the Greatness Kit, ChatGPT, etc.
  • Opt out of an email that promises you tons of money, a lottery prize, or a trip to an exotic location. It is highly likely that threat actors are trying to access your personal details by offering you bait.

 

 

Threat actors are making the most out of the booming technology to break into your bank and computer. Microsoft 365 is being attacked now and again because of it being a household name. Phishing actors are trying to leverage Microsoft’s brand value

The only way to stay ahead of these fraudsters is to be highly vigilant while working on a digital platform. Next time you see a Microsoft email landing in your inbox, be very cautious. In case of any doubt, get in touch with the Microsoft authority directly. 

 

 

A little caution, including implementing phishing protection will go a long way in safeguarding your personal details, hard-earned money, and expensive gadgets.