Cybercriminals are abusing the Microsoft 365 Admin Portal to send sextortion emails, bypassing typical email security filters.
By exploiting the portal’s “Share” feature, scammers can send extortion messages using Microsoft’s legitimate communication channels.
The scam involves sending emails claiming hackers have compromising personal content, demanding cryptocurrency payments to prevent alleged distribution.
By using the “[email protected]” address and manipulating the personal message field’s character limit through browser developer tools, threat actors can bypass standard email protections.
Microsoft has acknowledged that the abuse is under investigation but has not yet implemented server-side checks to prevent these malicious messages. Cybersecurity experts advise recipients to recognize these as scams and delete the emails without engaging.
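The missing control described above is server-side validation of the personal message field, since a limit enforced only in the browser can be edited away. The following is an added example, not Microsoft's code: the handler, field name and the 1000-character limit are assumptions, and the cryptocurrency-address check is a heuristic added because the scam demands such payments.

```python
import re
import unicodedata

# Assumption: the page does not state the field's real limit; 1000 is a placeholder.
MAX_MESSAGE_CHARS = 1000

# Heuristic for Bitcoin-style addresses (legacy base58 and bech32), since the
# page says the scam demands cryptocurrency payment.
BTC_ADDRESS = re.compile(
    r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"
)


def validate_personal_message(raw, max_chars=MAX_MESSAGE_CHARS):
    """Return a list of rejection reasons; an empty list means accept.

    Runs on the server for every request, so it holds even when the
    browser-side limit was edited away in developer tools.
    """
    if not isinstance(raw, str):
        return ["not_a_string"]
    reasons = []
    # Normalise first so the count matches what the recipient will see.
    text = unicodedata.normalize("NFC", raw)
    if len(text) > max_chars:
        reasons.append("too_long")
    # Control characters other than newline/tab have no place in a note.
    if any(unicodedata.category(c) == "Cc" and c not in "\n\t\r" for c in text):
        reasons.append("control_chars")
    if BTC_ADDRESS.search(text):
        reasons.append("crypto_address")
    return reasons


def handle_share_request(form):
    """Hypothetical server handler: reject instead of truncating or sending."""
    reasons = validate_personal_message(form.get("personal_message", ""))
    if reasons:
        return {"status": 400, "sent": False, "reasons": reasons}
    return {"status": 200, "sent": True, "reasons": []}


# Constructed sample inputs (not taken from any real message).
NORMAL_NOTE = "FYI, this advisory affects our tenant. Please review."
OVERSIZED_NOTE = "Pay within 48 hours. " * 100 + "Send to 1ExampLeAddressNotRea1XXXXXXXXXX now."
```

Rejecting the request outright, instead of silently truncating it, also gives the service a log event to alert on when someone submits a message the unmodified page could never have produced.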