Cybercriminals have turned Microsoft 365’s own transactional email system into an advanced delivery mechanism for business email compromise (BEC) attacks, security researchers warn. By exploiting the platform’s built-in notification capabilities, threat actors are sending fraudulent billing messages from the legitimate [email protected] address—a tactic that bypasses traditional email filters and tricks employees into calling fake support numbers. Once on the line, victims are socially engineered into installing Remote Access Trojans (RATs) that can steal banking credentials and provide a foothold for broader network compromise. The technique, uncovered by Kaspersky’s threat research team, represents a sophisticated escalation in social engineering, leveraging the implicit trust users place in Microsoft’s communications to infiltrate corporate networks.

A Trust Betrayed: Microsoft’s Own Infrastructure as the Attack Vector

The campaign’s sophistication lies not in a novel technical exploit but in the perversion of Microsoft’s own trusted systems. Unlike typical phishing emails that spoof domains or use lookalike addresses, these notifications are authentic Microsoft correspondence. The scammers have discovered a way to inject their own billing details—specifically a fraudulent phone number—into the thank-you messages that Microsoft 365 automatically generates when new subscriptions are created.

“One would be hard-pressed to imagine an email address with a more trusted reputation, so the message easily gets past any email server filters,” says Roman Dedenok, a spam analysis expert at Kaspersky. Indeed, the abuse of a genuine Microsoft notification channel means the emails sail through traditional security gateways that rely heavily on sender reputation to block threats. For corporate employees, the fear of an unauthorized company expense triggers an urgent and often rash response—exactly what the attackers count on.

Anatomy of the Scam: From Fake Bills to Remote Access Trojans

Once the victim calls the provided number, the scam transitions to a classic tech-support fraud, but with a dangerous twist. The operator, posing as a Microsoft support agent, insists on installing remote support software. Victims are sent an executable file (.EXE) that likely contains a Remote Access Trojan (RAT). The scammer then walks the employee through a fake refund process, asking them to log into their online banking to “verify” a reversal. With the RAT active on the system, the attackers can capture login credentials in real time, leading to immediate financial theft and potential lateral movement into the corporate network.

“The types of ‘purchased’ subscriptions suggest that the scammers are targeting company employees,” Dedenok notes. “They prey on a common employee fear: making an expensive, unnecessary purchase could cause trouble at work.” With the email coming from a no-reply address, employees feel they have no choice but to call the number. The entire attack flow is designed to exploit human psychology and bypass technical defenses that have been trained to trust Microsoft’s own infrastructure.

How Attackers Insert Malicious Content into Legitimate Notifications

While the exact method remains unconfirmed, security researchers have pieced together two plausible attack vectors. In the first scenario, attackers leverage trial or test subscriptions. By using compromised or synthetic payment details and entering the target’s email, they trigger Microsoft’s automated billing notification. The message is genuine because it was genuinely generated by Microsoft—only the contact phone number has been doctored. In the second scenario, an account takeover allows the attacker to use Microsoft’s admin tools to resend billing information, this time pointing the recipient to the scam call center.

Both methods highlight a fundamental gap in how cloud notifications are secured. The system trusts that the subscription initiator is legitimate, and because the email originates from a verified source, it evades most spam and phishing filters. For attackers, the approach is refreshingly simple: no domain spoofing, no malicious attachments in the initial email, just a phone number that looks like customer support.

The Rising Tide of Business Email Compromise

This notification hijacking tactic is the latest chapter in the rapid expansion of BEC attacks. According to a report from Barracuda, BEC attacks accounted for more than 10% of all social engineering-based intrusions in 2023, up from 8% in 2022 and 9% in 2021. The trend line is unmistakable: attackers are moving from broad, spam-heavy campaigns to highly targeted, credible impersonations that exploit trust in brands and internal processes. While Gmail remains the most common domain used in social engineering attacks (22% in 2023), Microsoft’s ecosystem is uniquely attractive for so-called “insider” attacks that abuse official notifications, purchase confirmations, and service messages.

“IT and security professionals need to understand how the email threat ecosystem is evolving and what this means for the organization and its employees in terms of risk, resilience, and incident response,” says Tilly Travers of Barracuda. As cloud platforms become the backbone of enterprise communication, the line between trusted and malicious blurs, and security postures must adapt accordingly.

Why This Attack Is a Nightmare for Security Teams

Several factors make this campaign exceptionally dangerous. First, it sidesteps technical controls that assume messages from microsoft.com are benign. Email gateways that would normally flag a spoofed domain or suspicious attachment are rendered useless because the email is both authentic and clean of malware at the initial stage. Second, the social engineering is laser-focused: it exploits the inherent authority of Microsoft’s brand and the fear of financial liability. Employees are conditioned to trust official notices, and an unexpected bill triggers an immediate desire to resolve the issue.

Third, the attack chain cleverly integrates remote access tools, which are notoriously difficult to block without crippling legitimate IT support workflows. Once the RAT is installed, attackers have a foothold that can lead to credential theft, data exfiltration, and even ransomware deployment. The combination of psychological manipulation and technical infiltration creates a threat that is both hard to detect and highly damaging. Small and mid-size businesses, which often lack advanced security orchestration, are particularly vulnerable because a single compromised endpoint can lead to a full-scale breach.

Defending Against Notification Hijacking

Given the stealthy nature of these attacks, organizations must adopt a layered defense strategy that blends technology, policy, and user education. The following measures are critical:

  • Enhanced Email Security Gateways: Deploy solutions that analyze not only sender reputation but also content anomalies—such as unexpected billing amounts, phone numbers in transactional messages, or deviations from normal notification templates.
  • Endpoint Protection and Behavioral Monitoring: Use advanced endpoint security that can detect and block unauthorized remote access tools, ransomware, and credential-harvesting activity. Behavioral analytics can flag unusual processes like a legitimate user suddenly interacting with a banking site while an unknown tool has active screen control.
  • Multi-Factor Authentication (MFA): Enforce MFA on all cloud and financial accounts. Even if an attacker captures a password, MFA throws up a critical barrier. This applies to Microsoft 365, banking portals, and any other sensitive systems.
  • User Awareness Training: Regularly train employees to recognize the hallmarks of BEC scams, including unexpected invoices, pressure to call a number, and requests to install software. Drills that simulate these scenarios build muscle memory and reduce the likelihood of a successful attack.
  • Verification Protocols: Implement a policy that any financial transaction or unusual notification must be verified through established internal channels—never by using contact information provided in the suspicious message. For example, a procurement officer should call accounts payable on a known number, not the one in the email.
  • Limit Privileged Access: Restrict the number of employees who can initiate Microsoft 365 subscriptions, modify billing details, or resend notifications. Monitoring and alerting on these administrative actions can catch misuse early.
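As an added illustration of the content-anomaly check in the first bullet (example code written for this page, not from Kaspersky, Barracuda or Microsoft): a small gateway rule that, for mail already trusted on sender reputation, flags phone numbers absent from an independently verified vendor contact list and wording that urges the reader to call about a charge. The trusted domain, subject words, verified number and the two sample messages are constructed assumptions.

```python
import re
from email import message_from_string

TRUSTED_SENDER_DOMAINS = {"microsoft.com"}  # reputation alone lets these through, as the article notes
BILLING_SUBJECT_WORDS = ("subscription", "invoice", "billing", "purchase")
# Constructed placeholder: populate from the vendor's published contact page, never from received mail.
VERIFIED_VENDOR_NUMBERS = {"15550100000"}
PHONE_RE = re.compile(r"\+?\d[\d\-\s().]{7,}\d")
CALL_PRESSURE_RE = re.compile(r"\b(call|phone)\b.{0,60}\b(refund|cancel|dispute|charge)", re.I | re.S)


def body_text(msg) -> str:
    chunks = []
    for part in msg.walk():  # every text/plain part; works for single-part and multipart mail
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def assess_notification(raw_message: str) -> dict:
    """Flag phone numbers and call-to-action wording a genuine billing template would not carry."""
    msg = message_from_string(raw_message)
    result = {"in_scope": False, "unverified_numbers": [], "findings": [], "verdict": "pass"}
    domain = re.search(r"@([\w.-]+)", msg.get("From", ""))
    subject = msg.get("Subject", "").lower()
    if not domain or domain.group(1).lower() not in TRUSTED_SENDER_DOMAINS \
            or not any(word in subject for word in BILLING_SUBJECT_WORDS):
        return result  # not a trusted-vendor billing notice; ordinary filters already scrutinise it
    result["in_scope"] = True
    body = body_text(msg)
    # Keep 10-15 digit sequences only, so dates and order numbers are not mistaken for phone numbers.
    numbers = {re.sub(r"\D", "", n) for n in PHONE_RE.findall(body)}
    result["unverified_numbers"] = sorted(
        n for n in numbers if 10 <= len(n) <= 15 and n not in VERIFIED_VENDOR_NUMBERS)
    if result["unverified_numbers"]:
        result["findings"].append("phone number not on the verified vendor contact list")
    if CALL_PRESSURE_RE.search(body):
        result["findings"].append("body urges the reader to call about a charge or refund")
    if result["findings"]:
        result["verdict"] = "hold for review"
    return result


# Constructed samples: the sender address and phone numbers are placeholders, not real Microsoft mail.
BENIGN_NOTICE = """\
From: Billing <billing-noreply@microsoft.com>
Subject: Thank you for your Microsoft 365 subscription

Your Microsoft 365 subscription is now active. Manage it any time in the admin center.
"""
DOCTORED_NOTICE = BENIGN_NOTICE + "Questions about this charge? Call +1 (555) 010-0199 to cancel or request a refund.\n"
```

A message that is held can then be routed to the verification step in the "Verification Protocols" bullet, so the number the employee dials comes from the internal list rather than the email.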

What Microsoft and the Industry Must Do

The notification hijacking campaign is a wake-up call for cloud service providers. Microsoft should implement stricter controls around automated billing notifications. Possible improvements include:

  • Alert Recipients When a Notification Is Generated: Send a secondary communication (e.g., a text message or app notification) whenever a billing email is triggered, allowing users to quickly spot unauthorized actions.
  • Tamper-Evident Notifications: Digitally sign or watermark transactional emails so that any unauthorized modifications (such as changed phone numbers) are detectable or render the email invalid.
  • Rate Limiting and Anomaly Detection: Monitor for unusual patterns of subscription creation or billing resends from a single account, especially when targeting external email addresses.
  • DMARC Policy Refinements: While DMARC already protects against spoofing, it could be extended to flag emails whose content has been altered post-generation, perhaps via tighter integration with email authentication standards.

Beyond Microsoft, the industry must adopt a zero-trust approach even for communications from known vendors. Security frameworks should treat every email as potentially hostile until verified by an independent channel. Cloud platforms could also provide administrators with dashboards that show all outgoing communications generated on behalf of the organization, complete with recipients and content summaries, enabling real-time auditing.

Lessons from Other Cloud Platforms and the Threat Actor’s Playbook

The Microsoft 365 notification abuse is not an isolated incident. Similar social engineering campaigns have exploited cloud giants’ automated messaging—for instance, Google Workspace password reset emails and DocuSign completion notices have been repurposed in the past. What sets this attack apart is the seamless injection of fraudulent content into a genuinely generated message, a technique that could be replicated across other platforms if left unchecked.

For threat actors, the move toward cloud-based notification hijacking is both lucrative and scalable. While the current campaign requires human operators to field calls, automation could soon allow scammers to mass-generate fake notifications with minimal overhead. Managed Service Providers (MSPs) that oversee Microsoft 365 for multiple clients are especially attractive targets; a single compromised MSP console could propagate fraudulent billing messages across hundreds of companies simultaneously. This potential for supply-chain compromise amplifies the urgency for systemic fixes.

Conclusion: Rethinking Trust in the Cloud Era

The abuse of Microsoft 365’s notification system is a grim reminder that attackers will always find the weakest link—and increasingly, that link is the trust placed in cloud infrastructure itself. By weaponizing Microsoft’s own email channel, cybercriminals have created a scenario where the most secure-looking message can be the most dangerous. For enterprises, the defense must now center on a culture of verification: every unexpected bill, every request to install software, every urgent call to action must be scrutinized, regardless of how legitimate it appears.

Technical defenses, robust as they are, cannot alone compensate for the psychological tricks that make these scams succeed. The path forward combines skeptical users, hardened endpoints, and cloud providers that treat their own messaging systems as potential attack vectors. In the battle for digital trust, the age-old maxim holds: trust, but verify—always.