Suspicious

Phishings targeting Microsoft

Suspicious and active websites


Phishings targeting Microsoft

Suspicious and active websites


Active
36
New (7d)
8
Trend (7d)
↑300%
About
AIEnterprise SSO target. A successful Microsoft 365 / Outlook phish unlocks the mailbox plus downstream business apps via OAuth and is a frequent precursor to BEC fraud.
Countries
United StatesUnited States (11) · United KingdomUnited Kingdom (7) · IrelandIreland (5)
TLS certs
R13 (7) · Let's Encrypt (4) · WE1 (3)

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-07-14 05:47 2026-07-14 05:47
https://click7.microsoftsupportcenter.digital
Screenshot of click7.microsoftsupportcenter.digital GSB Details
2026-07-14 01:30 2026-07-13 22:00
https://server-index-edit--microsoft-ads.replit.app
Screenshot of server-index-edit--microsoft-ads.replit.app GSB PhishTank urlscan Details
2026-07-14 01:30 2026-07-13 21:00
https://secure-web-editor--microsoft-ok.replit.app
Screenshot of secure-web-editor--microsoft-ok.replit.app PhishTank Details
2026-07-14 01:30 2026-07-13 14:34
https://microsoft-identity.com
Screenshot of microsoft-identity.com urlscan Details
2026-07-14 01:30 2026-07-12 15:41
https://click6.microsoftsupportcenter.digital
Screenshot of click6.microsoftsupportcenter.digital GSB Details
2026-07-14 01:30 2026-07-12 15:41
https://click4.microsoftsupportcenter.digital
Screenshot of click4.microsoftsupportcenter.digital GSB Details
2026-07-14 01:30 2026-07-12 15:41
https://click5.microsoftsupportcenter.digital
Screenshot of click5.microsoftsupportcenter.digital GSB Details
2026-07-14 01:30 2026-07-07 01:00
http://outlookvalidardatosmsn-whatsapp.iceiy.com
Screenshot of outlookvalidardatosmsn-whatsapp.iceiy.com OpenPhish urlscan Details
2026-07-14 01:30 2026-07-04 03:26
https://forms.cloud.microsoft
Screenshot of forms.cloud.microsoft PhishTank Details
2026-07-14 01:30 2026-07-01 13:01
https://microsoftomsa.zya.me/indexx.html
Screenshot of microsoftomsa.zya.me OpenPhish Details
2026-07-14 01:30 2026-06-28 01:03
https://login.microsoftonline.hmvegn.ie
Screenshot of login.microsoftonline.hmvegn.ie GSB OpenPhish urlscan Details
2026-07-14 01:30 2026-06-27 01:01
http://ctia-outlook-2026.s1.yapla.com/en/visitors
Screenshot of ctia-outlook-2026.s1.yapla.com OpenPhish Details
2026-07-14 01:30 2026-06-26 01:01
https://onedrive.at-us.therelayservice.com/matpwp#/main?type=onedrive…
Screenshot of onedrive.at-us.therelayservice.com OpenPhish urlscan Details
2026-07-14 01:30 2026-06-25 13:01
https://cb85df97.onedrive-1mr.pages.dev/?naps
Screenshot of cb85df97.onedrive-1mr.pages.dev OpenPhish urlscan Details
2026-07-14 01:30 2026-06-25 13:01
https://outlook.verifytoken.com/s/63bzgfsvbwsfcdx7y9/584dd8/90eab167-…
Screenshot of outlook.verifytoken.com OpenPhish Details
2026-07-14 01:30 2026-06-25 13:01
http://microsoft-login-securitylogin.jimdofree.com
Screenshot of microsoft-login-securitylogin.jimdofree.com OpenPhish Details
2026-07-14 01:30 2026-06-25 05:54
https://microsoftjk.eu.org
Screenshot of microsoftjk.eu.org urlscan Details
2026-07-14 01:30 2026-06-20 13:00
https://hotmailoutlook2026.iceiy.com/?i=1
Screenshot of hotmailoutlook2026.iceiy.com OpenPhish Details
2026-07-14 01:30 2026-06-19 13:01
https://reactivar-microsoft-mxx.iceiy.com/?i=1
Screenshot of reactivar-microsoft-mxx.iceiy.com OpenPhish urlscan Details
2026-07-14 01:30 2026-06-18 13:02
http://ucrhp.rgva725lyrd.teams-login.xyz/common/oauth2/v2.0/authorize…
Screenshot of ucrhp.rgva725lyrd.teams-login.xyz GSB OpenPhish Details
2026-07-14 01:30 2026-06-17 01:06
https://office365.rricrosoft-offices.org/i/df3667320560f4a8a9918ef9f3…
Screenshot of office365.rricrosoft-offices.org OpenPhish Details
2026-07-14 01:30 2026-06-08 13:01
https://programme-hup.m365-microsoft.com/i/d721e212eb3094bfd99c9d047a…
Screenshot of programme-hup.m365-microsoft.com OpenPhish urlscan Details
2026-07-14 01:30 2026-06-06 11:32
https://onedriveauthorization.pages.dev
Screenshot of onedriveauthorization.pages.dev urlscan Details
2026-07-14 01:30 2026-06-06 01:02
http://security.m365-microsoft.com/i/d51ee024a6cb3468996ec7c9307051d1d
Screenshot of security.m365-microsoft.com OpenPhish urlscan Details
2026-07-14 01:30 2026-05-27 13:00
http://reactivar-microsoft-365.iceiy.com
Screenshot of reactivar-microsoft-365.iceiy.com OpenPhish urlscan Details
2026-07-14 01:30 2026-05-15 13:01
https://microsoft.authorised-support.com/new-account/eozafbyj1bjlmguf…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-07-14 01:30 2026-05-13 13:05
https://microsoft.account.trustedentity.com/http/microsoft.authorised…
Screenshot of microsoft.account.trustedentity.com GSB OpenPhish urlscan Details
2026-07-14 01:30 2026-05-12 01:01
http://microsoftquarantine.authorised-support.com/login/review/wjy99u…
Screenshot of microsoftquarantine.authorised-support.com GSB OpenPhish urlscan Details
2026-07-14 01:30 2026-05-10 09:44
https://microsoft-se.us
Screenshot of microsoft-se.us urlscan Details
2026-07-14 01:30 2026-05-05 13:02
https://outlook.webaccess-alert.com/s/63bzgfsvbwsfcdx7y9/584dd8/90eab…
Screenshot of outlook.webaccess-alert.com OpenPhish urlscan Details
2026-07-14 01:30 2026-04-20 23:54
https://hotmail.com.es
Screenshot of hotmail.com.es urlscan Details
2026-07-14 01:30 2026-04-20 01:01
http://reactivar-microsoft-live.iceiy.com
Screenshot of reactivar-microsoft-live.iceiy.com OpenPhish Details
2026-07-14 01:30 2026-04-09 00:00
https://outlook36validar.webcindario.com
Screenshot of outlook36validar.webcindario.com PhishTank urlscan Details
2026-07-14 01:30 2026-03-30 13:01
https://security.email-microsoft.com/diyc_smavt1av3ltaq
Screenshot of security.email-microsoft.com GSB OpenPhish urlscan Details
2026-07-14 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/i/ab041e84e499243eca3e98fb328201632
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-07-14 01:30 2026-03-28 01:01
https://office365.internal-alerts.com/i/d5b9af0d256f14c03ab8396a78d36…
Screenshot of office365.internal-alerts.com OpenPhish urlscan Details

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

URL Screenshot Details
https://click7.microsoftsuppo…
GSB
Screenshot of click7.microsoftsupportcenter.digital Details
https://server-index-edit--mi…
GSB PhishTank urlscan
Screenshot of server-index-edit--microsoft-ads.replit.app Details
https://secure-web-editor--mi…
PhishTank
Screenshot of secure-web-editor--microsoft-ok.replit.app Details
https://microsoft-identity.com
urlscan
Screenshot of microsoft-identity.com Details
https://click6.microsoftsuppo…
GSB
Screenshot of click6.microsoftsupportcenter.digital Details
https://click4.microsoftsuppo…
GSB
Screenshot of click4.microsoftsupportcenter.digital Details
https://click5.microsoftsuppo…
GSB
Screenshot of click5.microsoftsupportcenter.digital Details
http://outlookvalidardatosmsn…
OpenPhish urlscan
Screenshot of outlookvalidardatosmsn-whatsapp.iceiy.com Details
https://forms.cloud.microsoft
PhishTank
Screenshot of forms.cloud.microsoft Details
https://microsoftomsa.zya.me/…
OpenPhish
Screenshot of microsoftomsa.zya.me Details
https://login.microsoftonline…
GSB OpenPhish urlscan
Screenshot of login.microsoftonline.hmvegn.ie Details
http://ctia-outlook-2026.s1.y…
OpenPhish
Screenshot of ctia-outlook-2026.s1.yapla.com Details
https://onedrive.at-us.therel…
OpenPhish urlscan
Screenshot of onedrive.at-us.therelayservice.com Details
https://cb85df97.onedrive-1mr…
OpenPhish urlscan
Screenshot of cb85df97.onedrive-1mr.pages.dev Details
https://outlook.verifytoken.c…
OpenPhish
Screenshot of outlook.verifytoken.com Details
http://microsoft-login-securi…
OpenPhish
Screenshot of microsoft-login-securitylogin.jimdofree.com Details
https://microsoftjk.eu.org
urlscan
Screenshot of microsoftjk.eu.org Details
https://hotmailoutlook2026.ic…
OpenPhish
Screenshot of hotmailoutlook2026.iceiy.com Details
https://reactivar-microsoft-m…
OpenPhish urlscan
Screenshot of reactivar-microsoft-mxx.iceiy.com Details
http://ucrhp.rgva725lyrd.team…
GSB OpenPhish
Screenshot of ucrhp.rgva725lyrd.teams-login.xyz Details
https://office365.rricrosoft-…
OpenPhish
Screenshot of office365.rricrosoft-offices.org Details
https://programme-hup.m365-mi…
OpenPhish urlscan
Screenshot of programme-hup.m365-microsoft.com Details
https://onedriveauthorization…
urlscan
Screenshot of onedriveauthorization.pages.dev Details
http://security.m365-microsof…
OpenPhish urlscan
Screenshot of security.m365-microsoft.com Details
http://reactivar-microsoft-36…
OpenPhish urlscan
Screenshot of reactivar-microsoft-365.iceiy.com Details
https://microsoft.authorised-…
GSB OpenPhish urlscan
Screenshot of microsoft.authorised-support.com Details
https://microsoft.account.tru…
GSB OpenPhish urlscan
Screenshot of microsoft.account.trustedentity.com Details
http://microsoftquarantine.au…
GSB OpenPhish urlscan
Screenshot of microsoftquarantine.authorised-support.com Details
https://microsoft-se.us
urlscan
Screenshot of microsoft-se.us Details
https://outlook.webaccess-ale…
OpenPhish urlscan
Screenshot of outlook.webaccess-alert.com Details
https://hotmail.com.es
urlscan
Screenshot of hotmail.com.es Details
http://reactivar-microsoft-li…
OpenPhish
Screenshot of reactivar-microsoft-live.iceiy.com Details
https://outlook36validar.webc…
PhishTank urlscan
Screenshot of outlook36validar.webcindario.com Details
https://security.email-micros…
GSB OpenPhish urlscan
Screenshot of security.email-microsoft.com Details
http://support.m365-microsoft…
OpenPhish
Screenshot of support.m365-microsoft.com Details
https://office365.internal-al…
OpenPhish urlscan
Screenshot of office365.internal-alerts.com Details

AIHow to verify a real Microsoft URL

  • Legitimate Microsoft URLs always end in microsoft.com (e.g. www.microsoft.com, account.microsoft.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Microsoft.
  • The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
  • If you got the link from email, SMS, or social media, do not click it. Open microsoft.com from your browser bookmark or type the domain manually.
  • Real Microsoft pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.