Microsoft emails that warned customers of Russian hacks criticized for looking like spam and phishing

Lorenzo Franceschi-Bicchierai

Updated 10 July 2024 at 2:26 pm·3-min read

In March, Microsoft confirmed that Russian government hackers known as Midnight Blizzard (or APT29) had broken into its systems with the goal of stealing various kinds of information, including data on Microsoft customers.

Months later, Microsoft is still in the process of notifying its affected customers, and it looks like the process isn’t going very well, with experts criticizing Microsoft for sending emails that look like spam, or even phishing attempts.

Kevin Beaumont, a former Microsoft employee and now a cybersecurity researcher who closely follows the company, has been warning companies to keep an eye out for these Microsoft emails.

“Microsoft had a breach by Russia impacting customer data and didn’t follow the Microsoft 365 customer data breach process. The notifications aren’t in the portal, they emailed tenant admins instead.” Beaumont wrote on his LinkedIn account. “The emails can go into spam — and tenant admin accounts are supposed to be secure breakglass accounts without email. They also haven’t informed orgs via account managers. You want to check all emails going back to June. It is widespread.”

One of the main issues with Microsoft’s notification email is that it includes a “secure link” to a domain that bears no apparent connection to Microsoft. Instead, the email includes a link to: "purviewcustomer.powerappsportals.com."

“Basically, the critical alert looks like a phishing attack,” one person wrote on X.

That link has been submitted to urlscan.io, a site that can help spot malicious links, more than a hundred times. That suggests that there are a lot of organizations that saw that official legitimate Microsoft email and thought it was malicious.

The urlscan.io submissions also suggest there are at least a hundred companies that were affected by the Russian government hack on Microsoft. U.S. cybersecurity agency CISA previously said that the Russian hackers also stole emails of several federal agencies.

Apart from Beaumont’s warnings, there is some evidence that Microsoft customers are legitimately confused. In a Microsoft support portal, one customer shared the email their organization received in an attempt to get clarity on whether it was a genuine Microsoft email.

“This email has several red flags for me, the request for the TenantID and essentially admin or high level email addresses, the powerapps page being barebones, and some quick Googling not finding anything related to the title of this email or it's [sic] contents,” the person wrote. “Can anyone confirm this is a legit Microsoft email request?”

Commenting on Beaumont’s LinkedIn post, a cybersecurity consultant said that “several” of his clients received the email and “All of them were worried it was phishing.”

“At first glance, this did not inspire trust for the recipients, who started asking in forums or reaching out to Microsoft account managers to eventually confirm that the email was legitimate...weird way for a provider like this to communicate an important issue to potentially affected customers,” the consultant wrote.

Microsoft spokespeople did not respond when TechCrunch asked how many organizations have been notified, or if the company plans to change the way it notifies affected customers.

Reuters
Google to blame for slower YouTube speeds in Russia, says senior lawmaker
Russia has criticised Alphabet's Google for taking down YouTube channels of Russian media and public figures and fined the U.S. company several times for failing to remove content Russia considers illegal or undesirable. Alexander Khinshtein, head of the lower house of parliament's information policy committee, on Thursday said slower speeds on the video hosting site was a forced step directed against YouTube for believing it could violate Russian law without punishment.
Reuters
New regulatory license for social media platforms in Malaysia to fight cyber offences
Malaysia will require social media services to apply for a license if they have more than 8 millon users in the country from August 1, in an attempt to combat increasing cyber offences, said the government. The Malaysian Communications and Multimedia Commission said in a statement on Saturday that the license was in line with cabinet's decision that social media and internet messaging services comply with Malaysian laws aimed at fighting scams, cyberbullying and sexual crimes. If social media services fail to apply for a license by 1 January 2025 then legal action will be taken against them, said the commission.
Futurism
Elon Musk Is Now Using Your Tweets to Train His Weird AI. Here's How to Turn It Off.
At some point, X-formerly-Twitter auto-opted its users into sharing their data with Grok, owner Elon Musk's bizarre "anti-woke" chatbot — and the site didn't tell anyone about it, either. Flagged by Rolling Stone's Noah Shachtman, it remains unclear when X introduced this so-called "data sharing" change. Twitter has opted you into training Elon's weirdo A.I. […]
South China Morning Post
China's Xiaohongshu carves out a niche in an increasingly crowded e-commerce market
Chinese social media platform Xiaohongshu, the Instagram-style app where young consumers to share lifestyle tips, is seeking to become a new force in the country's crowded e-commerce market by grabbing attention and revenue from established players such as Alibaba Group Holding and ByteDance's short-video app Douyin. Xiaohongshu, the platform also known as Red with 300 million monthly active users, held a two-day summit last Wednesday and Thursday in China's e-commerce hub Hangzhou, the home cit
Reuters
Bangladesh's internet shutdown isolates citizens, disrupts business
Md. Rakibul Ahsan was finishing a logo he had designed for a foreign client as the deadline fast approached. Just before he could hit send, Bangladesh's internet was shut down, stranding him and the rest of the country offline. Student-led protests against quotas for highly sought-after government jobs led to violent clashes that killed at least 147 people in Bangladesh this month.
Good Housekeeping
Céline Dion Fans Won't Believe How Much She’s Getting Paid by the Olympics
Céline Dion and Lady Gaga are performing a duet at the 2024 Paris Olympics opening ceremony. Here's how much they are reportedly being paid for one song.
Benzinga
Nikki Haley Says 'Democrats Are Very Smart To Put In A Younger Candidate' Against Trump But Kamala Harris Is The 'Weakest Candidate'
Nikki Haley, the former Governor of South Carolina, has recently voiced her steadfast support for Donald Trump over Kamala Harris in the upcoming November election. What Happened: As per a CNN report on Thursday, Haley justified her decision to back Trump, despite their previous disagreements during the Republican primary fight. She also shared her thoughts on President Joe Biden’s decision to step down from the race, stating it was expected. Don’t Miss: IRS Finalizes 10-Year Rule For Retirement
Benzinga
Can Trump Replace JD Vance As Kamala Harris Gains Momentum? Experts Warn It Could Be 'Extraordinarily Disruptive
The question of whether former President Donald Trump might replace Sen. J.D. Vance (R-Ohio) as his vice presidential candidate has been raised. This speculation is due to Vance’s underwhelming polling and the growing momentum of Vice President Kamala Harris. Despite Trump’s continued support for Vance, the possibility of a replacement is being discussed. What Happened: Republican Party rules technically allow Trump to select a new running mate. However, such a decision would need to be made swi
Sky News
Woman whose wife had sex with sperm donor loses legal challenge over child's birth certificate
A woman has lost a Court of Appeal challenge over her name being removed from her child's birth certificate after it was revealed her ex-wife had sex with a sperm donor behind her back. The ex-couple, referred to as P and Q, met then-stranger F in a pub following an internet advert and "formed a favourable impression of him" before signing a sperm donor agreement over the use of artificial insemination. P and F then had sex three times at P's parents' house, without Q's knowledge, with the third occasion coinciding with another artificial insemination attempt.
Evening Standard
Arsenal 2-1 Manchester United: Gabriel Martinelli seals win after Rasmus Hojlund and Leny Yoro injuries
The young striker and defender were both forced off in the first half
The Telegraph
‘OnlyFans saved my life’: Why Olympians are turning to the adult-only site
Team GB’s diving squad made an early splash at the Paris Olympics after Britain’s first ever gold-medal winning diver, Jack Laugher, revealed he supplements his income by posting semi-nude photographs online.
NextShark
2 Sacramento children missing after mother found dead in her home
Four-year-old Athena Lee and her 2-year-old brother Mateo Lee are missing after their mother, 28-year-old Angelica Bravo, was found dead on July 8 in her north Sacramento home along Didcot Circle by the Sacramento Fire Department, who responded to a call for medical aid. The suspect: In their Endangered Missing Advisory for Athena and Mateo, the California Highway Patrol (CHP) named the missing children’s father, 38-year-old Camron Lee, as a suspect in their disappearance.
Variety
Robert Downey Jr. Sets Marvel Return as Doctor Doom in ‘Avengers: Doomsday’
Robert Downey Jr. is returning to the Marvel Cinematic Universe as Doctor Doom in a new “Avengers” movie titled “Avengers: Doomsday,” which will be directed by Joe and Anthony Russo in their own return to Marvel. The directing duo is on deck to helm two new “Avengers” movie: “Doomsday,” which will introduce Victor von Doom/Doctor …
SETHLUI.COM
Chelabela: Korean father-daughter hawkers serve homemade Korean food like army stew and tteokpokki in Ang Mo Kio
The post Chelabela: Korean father-daughter hawkers serve homemade Korean food like army stew and tteokpokki in Ang Mo Kio appeared first on SETHLUI.com.
SETHLUI.COM
11 budget malls in Singapore where prices are a steal
The post 11 budget malls in Singapore where prices are a steal appeared first on SETHLUI.com.
INSIDER
The 1 food you should eat for brain health — and why you can't replace it with supplements
Chlorophyll supplements promise to boost your skin, heart, and brain health. It's an incredible molecule — but you need to get it from food.
The Telegraph
Man Utd’s training drills analysed: Van Nistelrooy barking orders and Sancho looks lively
Hundreds of fans turned up in the glorious early evening sunshine to watch Manchester United train at the Wallis Annenberg Stadium on the University of California Los Angeles (UCLA) campus.
The Daily Beast
Kamala Harris’ VP Frontrunner Accused of Sex Harassment Cover-up
One of the frontrunners to be Kamala Harris’ VP pick has been accused of covering up a sexual harassment scandal and being too insecure to be “second under a woman.”Josh Shapiro, the Democratic governor of Pennsylvania, has consistently topped lists of potential running mates for the Democratic nominee-apparent, someone who had previously shown no hint of providing material for Republicans to latch on to.But now a Democrat running to be Pennsylvania’s state treasurer has launched an attack on Go
The Guardian
‘I’m rocking with Kamala’: Black men defy faulty polling by showing up for Harris campaign
Specific results on her performance with Black voters aren’t in yet, but recent calls suggest a Trump exodus is not true
Hello!
Amanda Holden sizzles in tiny string bikini - and Elizabeth Hurley approves
BGT's Amanda Holden is no stranger to a daring bikini and Elizabeth Hurley was very impressed after her latest summer sartorial display. See photos.

Latest stories