Skip to main content
Audit Agent Compliance evidence & audit prep Operations Agent M365 operations & CIS benchmarks Cloud Adoption Agent Azure migration & CAF delivery CyberAware Training Security awareness & phishing sims Remote Support Start a secure support session Helpdesk & SLAs +44 20 8396 0877 · response times by plan All Customer Tools Portals, admin consoles & more
Preview Your Audit
Preview Your Audit

Lookalike login page

You just clicked a phishing link.

Good news — this was a simulated phishing test run by your IT team. No credentials were captured. Modern attackers are skilled at cloning Microsoft 365 and other login screens — here's how to spot the fake.

What to look out for next time

  1. Always check the address bar before entering a password. Microsoft 365 sign-in lives at login.microsoftonline.com — anything else is a forgery, no matter how convincing the page looks.

  2. If your password manager doesn't auto-fill on a familiar site, treat that as a warning sign. Password managers match by domain, so a fake page won't trigger the suggestion.

  3. Multi-factor authentication is your last line of defence. Approve a sign-in prompt only when you initiated it. If a prompt appears unexpectedly, deny it and report.

Strengthen your team's phishing defence

This sample page is part of our managed security awareness service. Branded landing pages, 100+ phishing templates, automated remedial training, and ISO 27001 A.6.3 evidence — all run for you.

Learn about awareness training Take the free assessment

Showing this to a prospect? See all four variants on the sample landing pages index.