Reports indicate that a legitimate Microsoft email address, [email protected], is being exploited for a scam spam campaign. This address is linked to Power BI, a Microsoft platform for analytics. The company advises users to add this address to their allow lists to prevent spam filters from blocking legitimate communications, but now it's being used maliciously.

An Ars Technica reader received an email falsely claiming a $399 charge. The email provided a phone number to dispute the transaction, which led to an attempt to install remote access software. Security firm Proofpoint confirmed that scammers are abusing a Power BI function that allows external email addresses to subscribe to reports, adding credibility to the phishing attempt.

The abuse of legitimate services like Microsoft Power BI helps attackers evade traditional email-based detection methods. The emails originate from a trusted domain, which lowers the likelihood of automated filtering. Historically, scammers have exploited similar functionalities on other platforms like Google Cloud. Microsoft is investigating the reports, but the details on opt-in are still unknown.

This incident underscores the importance of caution, even when emails appear to come from trusted sources. Always verify requests, especially those involving financial information or remote access. It's crucial for users to remain vigilant and report suspicious activity to the appropriate authorities. The situation highlights the ongoing cat-and-mouse game between scammers and tech companies.