What is the “New app(s) have access to your Microsoft Account” phishing email

“New app(s) have access to your Microsoft Account” email is part of a phishing campaign that tries to trick users into disclosing their Microsoft account login credentials. The email itself is harmless if users do not click on the link and disclose their login credentials. However, if credentials are successfully phished, users’ accounts will be hijacked by malicious actors.

 

 

The “New app(s) have access to your Microsoft Account” phishing email tries to trick users into revealing their Microsoft login credentials. The email claims a new app has been connected to users’ Microsoft accounts. According to the email, if users did not grant this access, they need to log in using the provided link and revoke the access immediately. If users engage with the email and click on the link, they will be taken to a fake Microsoft login page. The page is purposely made to look identical to Microsoft’s site, which may trick users. The site asks that users log in. If users type in their login credentials, they will be immediately sent to the cybercriminals operating this phishing campaign.

Stolen login credentials will be used by the malicious actors operating this scam or sold to other cybercriminals on hacker forums. Email account credentials are a hot commodity because such accounts contain a lot of personal/sensitive information and are connected to many other accounts.

A hijacked email account could cause a lot of damage to users, which is why users must secure them as much as possible. That includes using strong passwords, enabling two-factor authentication (2FA), and becoming familiar with various phishing attempts.

The full “New app(s) have access to your Microsoft Account” phishing email is below:

Subject: New app(s) connected to your Microsoft account

Microsoft account

New app(s) have access to your data

Gmail Android connected to the Microsoft account – .

If you didn’t grant this access, please remove the app(s) from your account.

Login Here to Manage your apps

You can also opt out or change where you receive security notifications.

Thanks,
The Microsoft account team

How to recognize phishing emails

Phishing attempts that target many users simultaneously tend to be very generic, which makes them quite obvious. If users know what to look for and are careful, they should be able to identify phishing attempts. Generic phishing attempts that don’t target a specific person tend to be quite obvious. Users should be able to recognize the signs as long as they know what to look for.

The sender’s email address is one of the first things users should check when they receive an unsolicited email, especially one that asks users to perform some action. Low-effort phishing emails will be sent from random-looking email accounts so they are immediately recognizable. More sophisticated ones will be sent from legitimate-looking ones. This is where it can be difficult to identify malicious/phishing emails. In some cases, email addresses are also spoofed to look identical to the legitimate ones.

Another obvious sign of a potentially malicious email is grammar/spelling mistakes. Awkward phrasing is also common in low-effort malicious emails. Sendres claim to be from legitimate companies so the mistakes make them immediately obvious. You will never see mistakes in legitimate emails from legitimate companies because they look very unprofessional. This particular “New app(s) have access to your Microsoft Account” phishing email has only one obvious mistake, which makes it more sophisticated than most.

Malicious actors use certain tactics to pressure users into reacting quickly without double-checking anything. This particular email claims that a new app has been granted access to the recipient’s data, which would immediately alarm users and force them to react. When dealing with such emails, it’s important to maintain a clear head and not rush into action. The correct course of action in this case would be to not interact with the email and instead manually access the Microsoft account in question and check which apps have access. If there’s nothing unusual, the email is likely a phishing attempt.

Finally, the biggest phishing attempt giveaway is the site’s URL. If you were to engage with this email and click on the “Login Here to Manage your apps” button, you would be taken to a site that tries to imitate the legitimate Microsoft login page. The site may very closely resemble the legitimate Mircosoft site but its URL will be different. Before you log in anywhere, you should always make sure the URL is correct.

“New app(s) have access to your Microsoft Account” phishing email removal

These emails are harmless if you don’t interact with them. You can just remove “New app(s) have access to your Microsoft Account” phishing email from your inbox and forget about it. However, if you did click on the link and typed in your login credentials, you need to change your Microsoft account password immediately if you can still access your account. If you can no longer access your account, you can try contacting Microsoft support or try the account recovery options. Suppose you cannot regain access to the account. In that case, you need to access all other accounts connected to your Microsoft Outlook email and change the email address to a different one to avoid those accounts being hijacked.