We’ve recently observed an increase in phishing activity across multiple environments.
Many of these incidents appear to originate from known or trusted senders and often include links to shared files. When clicked, these links redirect users to web‑based sign‑in pages that prompt them to enter their credentials.
Please note that these sign‑in pages are not hosted by Microsoft, even though they may look convincing. We strongly recommend reviewing the URL of any sign‑in page before entering credentials. If the website address is not clearly associated with Microsoft (for example, microsoft.com or login.microsoftonline.com), it should be treated as suspicious.
We are also seeing an increase in spoofed and impersonation emails, where messages appear to come from yourself or other individuals within your firm. These emails are designed to look legitimate but are sent by external attackers.
Key reminders:
- Be cautious of unexpected shared‑file links, even if they appear to come from known senders
- Always verify the sign‑in URL before entering credentials
- Avoid signing in through links that do not point to official Microsoft domains
- If you receive an email impersonating yourself or someone in your organization, please report it to Align, and we will work to remediate the issue
If you believe you may have interacted with a suspicious link, entered your credentials, or received an impersonation email, please contact your account manager or email us at help@align.com.
We will continue to actively monitor these threats and take appropriate steps to reduce risk.
Additional Resources
If you have any questions, don't hesitate to reach out to Align's Help Desk at 855-482-5446 or email help@align.com.
Thank you,
Align Managed Services
