Suspicious
Phishings targeting Microsoft
Suspicious and active websites
Phishings targeting Microsoft
Suspicious and active websites
Active
36
New (7d)
8
Trend (7d)
↑300%
Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.
| Last check (UTC) | First seen (UTC) ▾ | URL | Screenshot | Flags | Details |
|---|---|---|---|---|---|
| 2026-07-14 05:47 | 2026-07-14 05:47 | ![]() |
GSB | Details | |
| 2026-07-14 01:30 | 2026-07-13 22:00 | ![]() |
GSB PhishTank urlscan | Details | |
| 2026-07-14 01:30 | 2026-07-13 21:00 | ![]() |
PhishTank | Details | |
| 2026-07-14 01:30 | 2026-07-13 14:34 | ![]() |
urlscan | Details | |
| 2026-07-14 01:30 | 2026-07-12 15:41 | ![]() |
GSB | Details | |
| 2026-07-14 01:30 | 2026-07-12 15:41 | ![]() |
GSB | Details | |
| 2026-07-14 01:30 | 2026-07-12 15:41 | ![]() |
GSB | Details | |
| 2026-07-14 01:30 | 2026-07-07 01:00 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-07-04 03:26 | ![]() |
PhishTank | Details | |
| 2026-07-14 01:30 | 2026-07-01 13:01 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-28 01:03 | ![]() |
GSB OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-27 01:01 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-26 01:01 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-25 13:01 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-25 13:01 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-25 13:01 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-25 05:54 | ![]() |
urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-20 13:00 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-19 13:01 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-18 13:02 | ![]() |
GSB OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-17 01:06 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-06-08 13:01 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-06 11:32 | ![]() |
urlscan | Details | |
| 2026-07-14 01:30 | 2026-06-06 01:02 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-05-27 13:00 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-05-15 13:01 | ![]() |
GSB OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-05-13 13:05 | ![]() |
GSB OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-05-12 01:01 | ![]() |
GSB OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-05-10 09:44 | ![]() |
urlscan | Details | |
| 2026-07-14 01:30 | 2026-05-05 13:02 | ![]() |
OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-04-20 23:54 | ![]() |
urlscan | Details | |
| 2026-07-14 01:30 | 2026-04-20 01:01 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-04-09 00:00 | ![]() |
PhishTank urlscan | Details | |
| 2026-07-14 01:30 | 2026-03-30 13:01 | ![]() |
GSB OpenPhish urlscan | Details | |
| 2026-07-14 01:30 | 2026-03-28 13:01 | ![]() |
OpenPhish | Details | |
| 2026-07-14 01:30 | 2026-03-28 01:01 | ![]() |
OpenPhish urlscan | Details |
Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.
| URL | Screenshot | Details |
|---|---|---|
| https://click7.microsoftsuppo…
GSB |
![]() |
Details |
| https://server-index-edit--mi…
GSB PhishTank urlscan |
![]() |
Details |
| https://secure-web-editor--mi…
PhishTank |
![]() |
Details |
| https://microsoft-identity.com
urlscan |
![]() |
Details |
| https://click6.microsoftsuppo…
GSB |
![]() |
Details |
| https://click4.microsoftsuppo…
GSB |
![]() |
Details |
| https://click5.microsoftsuppo…
GSB |
![]() |
Details |
| http://outlookvalidardatosmsn…
OpenPhish urlscan |
![]() |
Details |
| https://forms.cloud.microsoft
PhishTank |
![]() |
Details |
| https://microsoftomsa.zya.me/…
OpenPhish |
![]() |
Details |
| https://login.microsoftonline…
GSB OpenPhish urlscan |
![]() |
Details |
| http://ctia-outlook-2026.s1.y…
OpenPhish |
![]() |
Details |
| https://onedrive.at-us.therel…
OpenPhish urlscan |
![]() |
Details |
| https://cb85df97.onedrive-1mr…
OpenPhish urlscan |
![]() |
Details |
| https://outlook.verifytoken.c…
OpenPhish |
![]() |
Details |
| http://microsoft-login-securi…
OpenPhish |
![]() |
Details |
| https://microsoftjk.eu.org
urlscan |
![]() |
Details |
| https://hotmailoutlook2026.ic…
OpenPhish |
![]() |
Details |
| https://reactivar-microsoft-m…
OpenPhish urlscan |
![]() |
Details |
| http://ucrhp.rgva725lyrd.team…
GSB OpenPhish |
![]() |
Details |
| https://office365.rricrosoft-…
OpenPhish |
![]() |
Details |
| https://programme-hup.m365-mi…
OpenPhish urlscan |
![]() |
Details |
| https://onedriveauthorization…
urlscan |
![]() |
Details |
| http://security.m365-microsof…
OpenPhish urlscan |
![]() |
Details |
| http://reactivar-microsoft-36…
OpenPhish urlscan |
![]() |
Details |
| https://microsoft.authorised-…
GSB OpenPhish urlscan |
![]() |
Details |
| https://microsoft.account.tru…
GSB OpenPhish urlscan |
![]() |
Details |
| http://microsoftquarantine.au…
GSB OpenPhish urlscan |
![]() |
Details |
| https://microsoft-se.us
urlscan |
![]() |
Details |
| https://outlook.webaccess-ale…
OpenPhish urlscan |
![]() |
Details |
| https://hotmail.com.es
urlscan |
![]() |
Details |
| http://reactivar-microsoft-li…
OpenPhish |
![]() |
Details |
| https://outlook36validar.webc…
PhishTank urlscan |
![]() |
Details |
| https://security.email-micros…
GSB OpenPhish urlscan |
![]() |
Details |
| http://support.m365-microsoft…
OpenPhish |
![]() |
Details |
| https://office365.internal-al…
OpenPhish urlscan |
![]() |
Details |
AIHow to verify a real Microsoft URL
- Legitimate Microsoft URLs always end in
microsoft.com(e.g.www.microsoft.com,account.microsoft.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like.xyz/.top/.vip— is not Microsoft. - The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
- If you got the link from email, SMS, or social media, do not click it. Open
microsoft.comfrom your browser bookmark or type the domain manually. - Real Microsoft pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.



































