OneDrive Phishing Scam Redirects to Fake Adobe Login Page

2-min Read4 Comments

  • Phishing Scam
  • Cybersecurity
  • OneDrive

Cybercriminals are using a OneDrive-themed email to redirect users to a fake Adobe login page, harvesting credentials in a stealthy phishing scam. Learn how to spot and avoid it.

New Phishing Alert: OneDrive Scam Targets Adobe Credentials

Australian cybersecurity firm MailGuard has detected a sophisticated phishing campaign disguised as a Microsoft OneDrive shared document notification. This scam redirects users to a counterfeit Adobe login page, harvesting email credentials in the process.

How the Scam Works

  • Victims receive an HTML email claiming to share a document via OneDrive.
  • Clicking the "View Document" button redirects to a fake Adobe login page, hosted on a suspicious domain.
  • The page prompts users to enter their email credentials. After a "login failed" message, users are redirected to the real Adobe site—further masking the scam.

Scam Tactics

  • Emails feature neutral, professional language with subject lines like “Contract Form 6122025_2JD01” or “PO 6122025”.
  • Randomised sender details mimic corporate domains.
  • Uses well-known brand imagery (Microsoft, Adobe) to gain trust.

MailGuard’s Expert Insights

MailGuard CEO Craig McDonald warns, “All it takes is one click. These scams use familiarity to disarm users.” CTO Anwar Ibrahim adds, “Neutral language and popular tools make the scam believable—even to cautious recipients.”

MailGuard’s Head of Engineering, Prathik Chandrashekar, notes the challenge: “Redirect chains hide the real destination. That’s why AI-powered real-time detection is crucial.”

Red Flags to Watch For

  • Generic emails not addressing you by name
  • Unusual or suspicious URLs mimicking Adobe or Microsoft
  • Unexpected document shares or vague file descriptions
  • Awkward grammar or missing context in the email body

Advice for Businesses

  • Delete suspicious emails immediately without clicking links.
  • Do not enter credentials on unfamiliar login pages.
  • Enable multi-factor authentication (MFA) for critical accounts.
  • Train employees to identify phishing tactics and verify document requests independently.

About MailGuard

MailGuard is an Australian cybersecurity leader protecting over 5,500 global organisations. Their AI-powered MyGuard platform detects threats like phishing, ransomware, and Business Email Compromise (BEC) in milliseconds, helping businesses stay one step ahead of scammers.

Comments from our readers

A
Anonymous

Understanding phishing tactics

This fraudulent scheme illustrates the evolving sophistication of phishing attacks. By leveraging brand recognition and logistical strategies like redirect chains, cybercriminals exploit user trust effectively. It’s imperative for organisations to adopt proactive measures, including AI-driven security solutions and rigorous employee training to combat such deceptive tactics.

A
Anonymous

Phishing awareness needed

Crikey, this OneDrive scam sounds dodgy! Always double-check links, folks. Let’s keep our info safe out there!

A
Anonymous

Great awareness effort

Thanks for raising awareness! It's crucial we all stay vigilant against these sophisticated scams.

S
Stiller

Phishing tactics expose vulnerabilities

The utilisation of familiar platforms in phishing scams highlights significant weaknesses in user verification processes and cybersecurity education.