Advice Request Is this legit? - microsoftonline.com

Jaspion · Dec 19, 2020

Hello M'Tippers!

So, I've come across a website that aroused my suspicions. Found it while attempting to sign up for a shopping mall's Xmas prize car competition.

The website in question was a subdomain of: microsoftonline.com

What do you think?

upnorth · Dec 19, 2020

Whois microsoftonline.com

Whois Lookup for microsoftonline.com

www.whois.com

Sadly there is many scam and fraudulent sites and even subdomains, but try use the link I shared and add the specific subdomain in your search. It should be registered to the same owner. Otherwise you can always start doing a bit deeper check. Here's a few tips and links that hope fully might help as a start.

Holiday Scam Season Is Here for All Shoppers

The holiday shopping season is in full swing, with Black Friday and Cyber Monday just around the corner, and scammers have been getting ready to cash in from their fraud campaigns. While some fraudsters target the online landscape fooling shoppers with lookalike domains, others focus on...

malwaretips.com

Venustus · Dec 19, 2020

VirusTotal

www.virustotal.com

Site cannot be reached

TairikuOkami · Dec 19, 2020

It is http only, needless to say more?

Microsoftonline.com email accounts Phishing

Recently we have seen an uptick in Phishing attacks from @.microsoftonline.com accounts. These attacks are primarily seeking to gain access to an individuals Microsoft account login

answers.microsoft.com

LeMinhThanh · Dec 19, 2020

It’s legit

roger_m · Dec 19, 2020

Yes it is legit. It's mentioned in the following link.

Microsoft’s real Office 365 portal (login.microsoftonline.com)

login.microsoftonline.com – Krebs on Security

Jaspion · Dec 19, 2020

What do you guys make of this?

On Visual Capitalist (never heard of it before) you'll find this article:

Ranking the Top 100 Websites in the World

Where microsoftonline.com is said to be a "phishing scam operating at a large scale".

Found it at:

Also,

roger_m · Dec 19, 2020

@Jaspion It is a legit site and is still online. The following link is working, but there is no webpage if you just go to microsoftonline.com

Sign in to your account

login.microsoftonline.com

Jaspion · Dec 19, 2020

More intriguing news, and something I forgot to mention. The original subdomain I mentioned stopped working just as I posted my questions here.

Today if you go to the mall's website and try the sign-up link for the car prize, you'll be taken to a onmicrosoft.com subdomain. There's a lot of phishing reports about this online, more so than the other domain.

I wonder why.

roger_m · Dec 19, 2020

Jaspion said:
you'll be taken to a onmicrosoft.com subdomain. There's a lot of phishing reports about this online, more so than the other domain.

It's also legit.

Domains Frequently Asked Questions

Learn more about domains (onmicrosoft domain and transfer domain) by finding answers to your questions in FAQ.

docs.microsoft.com

upnorth · Dec 20, 2020

Microsoft Entra Connect: Troubleshoot Microsoft Entra connectivity issues - Microsoft Entra ID

Learn how to troubleshoot connectivity issues with Microsoft Entra Connect.

docs.microsoft.com

Jaspion said:
onmicrosoft.com subdomain. There's a lot of phishing reports about this online, more so than the other domain.

I wonder why.

onmicrosoft.com is found here.

Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise

Summary: Microsoft 365 requires connectivity to the Internet. The endpoints in this article should be reachable for customers using Microsoft 365 plans, including Government Community Cloud (GCC).

docs.microsoft.com

Jaspion said:
Today if you go to the mall's website and try the sign-up link for the car prize

The problem here is not the 100% legit Microsoft links. It's the malls website and extra so it's so called webmaster.

Jaspion · Dec 20, 2020

upnorth said:
Microsoft Entra Connect: Troubleshoot Microsoft Entra connectivity issues - Microsoft Entra ID

Learn how to troubleshoot connectivity issues with Microsoft Entra Connect.

docs.microsoft.com

onmicrosoft.com is found here.

Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise

Summary: Microsoft 365 requires connectivity to the Internet. The endpoints in this article should be reachable for customers using Microsoft 365 plans, including Government Community Cloud (GCC).

docs.microsoft.com

The problem here is not the 100% legit Microsoft links. It's the malls website and extra so it's so called webmaster.

Ok, the mall's website looks like this:

Code:

https://apiacesso.b2clogin.com/apiacesso.onmicrosoft.com/oauth2/v2.0/authorize?client_id={REDACTED}&response_type=code&redirect_uri=https://plazasulshopping.com.br/usuario/autenticacao&response_mode=query&scope=openid&p=B2C_1A_signup

(client id redacted)

Perhaps not in this case, but could phishing agents be abusing these Microsoft domains?

Search

Advice Request Is this legit? - microsoftonline.com

Jaspion

Level 17

upnorth

Level 68

Whois microsoftonline.com

Holiday Scam Season Is Here for All Shoppers

Venustus

Level 59

VirusTotal

TairikuOkami

Level 38

Microsoftonline.com email accounts Phishing

LeMinhThanh

From LMT AntiMalware

roger_m

Level 43

Jaspion

Level 17

Attachments

roger_m

Level 43

Sign in to your account

Jaspion

Level 17

roger_m

Level 43

Domains Frequently Asked Questions

upnorth

Level 68

Microsoft Entra Connect: Troubleshoot Microsoft Entra connectivity issues - Microsoft Entra ID

Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise

Jaspion

Level 17

Microsoft Entra Connect: Troubleshoot Microsoft Entra connectivity issues - Microsoft Entra ID

Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise

Similar threads