Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

Microsoft Reports Cyberattacks on Targeted Email Accounts

Last Revised

The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the Microsoft blog for additional information and recommendations and CISA’s Tip on Supplementing Passwords.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we welcome your feedback.