MADRID, June 19 (Portaltic/EP) –
A vulnerability in Microsoft system allows anyone to send an email impersonating the corporate identity of this company, making it more difficult to identify a phishing scam.
SolidLab security researcher Vsevolod Kokorin, who identifies himself on social networks as slonser, has discovered a vulnerability that allows anyone to impersonate the Microsoft identity of a corporate account.
This bug only works when sending an email to an Outlook account, the Microsoft service that has 400 million users around the world.
As explained in TechCrunch, Microsoft’s identity is replicated with such authenticity that it is difficult to say whether it was sent by the company’s Security team or a scammer, based on the ’email’ sent by slonser to this medium, as a example.
The researcher shared the existence of this vulnerability with Microsoft last week. When he did not receive a response, he decided to notify him through his profile on without sharing technical detailswhich has not been revealed at the moment, waiting for the company to patch it.
