Malicious notifications are a growing threat, particularly for Microsoft 365 users. Recent attacks exploit trusted sender addresses like
[email protected] to inject fraudulent billing messages into transactional emails. Because these malicious notifications come from legitimate domains, they bypass standard email security filters, making them highly dangerous for enterprise environments. Users should scrutinize unexpected billing alerts and verify any requests for action directly through official channels. Staying informed about these stealthy attack waves is essential for protecting business data and maintaining security hygiene.