Abuse Report
Abuse Report

MSRC reporting portal

Report abuse originating from Microsoft-hosted sites or services, including cyber attacks, malicious network activity, distribution of illegal content or generally violating Microsoft's Terms of Use.

IP Address threats

IP Address - Brute Force

Relates to when an attacker uses trial-and-error to exhaustively explore all possible values to unlock an asset (Password Spray, Dictionary Attack).

IP Address - Denial of Service

Relates to an interruption or suspension of services or hosts through a large number of interactions with the target or by depleting resources to the point where the target's functionality is affected (Flooding, Reflection Attack, Resource Depletion).

IP Address - Illegal

Relates to any activity not aligning to other incident types that is prohibited by law, regulation, governmental order or decree, or otherwise violates the rights of others.

IP Address - Malware

Relates to the hosting or distribution of malicious software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

IP Address - Spam

Relates to unsolicited emails that are often referred to as unwanted junk emails, they are sent out in bulk and typically for commercial purposes.

URL related threats

URL - Illegal

Relates to any activity not aligning to other incident types that is prohibited by law, regulation, governmental order or decree, or otherwise violates the rights of others.

URL - Malware

Relates to the hosting or distribution of malicious software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

URL - Responsible AI

Relates to Microsoft's Responsible AI principles: reliability and safety, fairness, privacy and security, inclusiveness, transparency and accountability. Only available through the Report Abuse Portal.

URL - Phishing Website

Relates to social engineered emails with fraudulent intent, where attackers deceive people into revealing sensitive information or installing malware such as ransomware.

Impersonation

Impersonation - Email/Name

The attack provisions an M365 tenant with a similar name to the impersonated party. Sometimes this can be done with a homoglyph name, but other times by adding simple words like “company,” “incorporated,” “partners,” etc.

Impersonation - Domain (URL)

Domain impersonation is a form of cyber-attack in which malicious actors create fraudulent domains that mimic legitimate ones sometimes by exploiting the similarities between alpha-numeric characters to create this legitimate appearance (Homoglyph/typo squatting). This method is frequently employed in phishing schemes to deceive users into thinking they are engaging with a reputable entity, like a company or organization, to illicitly obtain sensitive information, data, or financial assets.

Impersonation - Typo squatting

Typo squatting domains involves the registration of domain names that exploit the similarities between alpha-numeric characters to create this legitimate appearances. Homographs or homoglyphs have similarities in pronunciations or identical appearances. For example, MICROSOFT.COM and MICR0S0FT.COM are homoglyph domains. These attacks leverage fake domains that are used in attempts to spoof a legitimate company or user, target a victim, and provide a phishing lure resulting in a compromise.

Security threats

Security Incident - Vulnerability

Relates to a weakness in the computational logic : (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, OR availability.

The Microsoft Security Response Center investigates all reports of security vulnerabilities affecting Microsoft products and services. If you are a security researcher and believe you have found a Microsoft security vulnerability, we would like to work with you to investigate it.

Microsoft follows Coordinated Vulnerability Disclosure (CVD) . We request that you follow these guidelines to help us protect customers and the ecosystem from harm.

OAuth Application

OAuth Application - Fraudulent publisher

Relates to cases where an OAuth App's publisher or developer appears to be fraudulent, or seems to be impersonating an authentic publisher.

OAuth Application - Suspicious app

Relates to cases where an OAuth App is misrepresenting its identity for fraudulent purposes, including impersonating a legitimate app to mislead users, or being used in another abusive way.

OAuth Application - Misuse of data

Relates to cases where a legitimate OAuth App from a legitimate publisher is mishandling or abusing access to data in a way that violates a terms of service agreement.

Community Gallery

Community Gallery - Malicious Artifact

Relates to distribution of malicious software such as malware through an image or an app that is accessible via the Community Gallery.

Community Gallery - Malicious Text or URL

Relates to the hosting or distribution of malicious software (such as malware, phishing etc.) or hosting inappropriate content (such as adult, violent etc) via the metdata text and/or URLs made publicly accessible to azure customers via Community Gallery.

Other

CSEAI

Relates to Child Sexual Exploitation and Abuse Imagery.

Outlook Spam

Relates to Spam, impersonation, or phishing incidents originating from Outlook, Hotmail, Live or MSN email addresses used to manipulate targets or sending unsolicited emails.

Tech support

I need help with a technical issue or tech support. Relates to Microsoft product and account support inquiries, including help with managing subscriptions, sign in or password help, Microsoft account support, etc.

Subpoena

Relates to a writ issued by a government agency, most often a court, to compel testimony by a witness or production of evidence under a penalty for failure.

Unsafe site or URL

Relates to sites that are impersonating other sites, contain malware, or are acting suspiciously by displaying fake warnings or opening persistent pop-ups.

Infringement

Relates to infringements of exclusive legal rights, given to an originator or an assignee to print, publish, perform, film, or record literary, artistic, or musical material, as well as unauthorized use of legally registered symbols or words.

Bing Bot

Relates to issues of Bingbot overcrawling your site or not observing robots.txt rules

Privacy

Relates to personal data that Microsoft collects, including inquiries about how to access and delete your data.