Cybercriminals are hijacking Microsoft Azure Monitor alerts to execute sophisticated callback phishing attacks. By impersonating the Microsoft Security Team, attackers send fake notifications about suspicious account charges, urging recipients to call a provided number. Using Azure’s trusted notification system, these campaigns can easily pass as genuine, particularly in fast-paced environments where such alerts are common.
To mitigate risk, scrutinise sender addresses, provide continuous security training, and insist on multi-factor authentication and account segregation. Microsoft never asks for sensitive details or immediate call-backs via alert emails. As trusted IT tools become regular targets for phishing, ongoing vigilance and prompt reporting of suspicious activity remain crucial.
