Hackread has the story:
http://hackread.com/outlook-web-app-phishing-page-on-russian-site/
screenshot from fake page as on Hackread
That looks like a standard OWA access panel right? Except that it is actually on a Russian site designed to steal your credentials.
If you received an email stating: “check your email with this link, must see document ”
Then your click lands on the OWA page, so now if you enter your credentials (email and password) you will have given your info to the Russian criminals.
There is a difference between this fake page and a real one.
What is it? Here is a sample site:
Notice the blue highlighted box: No need to enter email address. The fake site is asking for your email address separately (so the criminal hackers have given themselves away), I would make sure I am at the right place before entering username and password. Otherwise the hackers have a very good beginning into trying to hack into your network.
Contact us to test your OWA server on the Internet with the Alpha scan.
New video that explains the Alpha scan: