There's a new scam making the rounds, and it's more convincing than most.
It looks like a genuine alert from Microsoft Azure Monitor. It comes from a real Microsoft domain. And it lands in your inbox without being flagged as suspicious.
That's exactly why it's catching people out.
Azure Monitor is a tool businesses use to keep an eye on their cloud systems. It tracks performance, spots problems, and sends alerts when something needs attention.
If you're running services in Microsoft Azure, these kinds of notifications are completely normal. So when an email arrives saying there's a billing issue, suspicious activity, or a problem with your account, it doesn't immediately raise alarm bells.
That's where the problem starts.
Azure Monitor lets users create custom alerts based on certain triggers, like a new invoice being generated or account activity. Whoever sets up the alert can also write their own message.
Attackers are taking advantage of this. They create alerts with basic triggers, write their own urgent-sounding warning, and send it to mailing lists they control.
The result is a polished, legitimate-looking email, delivered through Microsoft's own system. Because it isn't spoofed in the traditional sense, many email security tools let it straight through.
The email typically pushes you to act quickly. Think unexpected charges, unrecognized invoices, or a claim that your account has been suspended. Then it directs you to call a phone number to "resolve" the issue.
We've seen similar tactics using PayPal and Google tools. The pattern is the same: take a platform people already trust and use it as the delivery method for the scam.
Pause. That's the most important step.
If an email is pushing you to act urgently, especially to call a number or share information, verify it before you do anything else.
Go directly to your Azure account through your browser, not through any link in the email, and check for alerts there. If there's a real issue, it will show up inside your account.
If you're not sure, ask your IT support provider to check before you act.
Phishing has evolved. It's no longer badly written emails with obvious spelling mistakes. Some of these messages are polished, well-timed, and delivered through systems your team already trusts.
Awareness is more important than ever.
Not confident your team would spot something like this? Let's connect.
