Microsoft’s Outlook email service in China was hacked by the country’s censorship authority, an internet watchdog has claimed, as the government continues its crackdown on U.S. technology giants.
Greatfire.org, which monitors censorship in China, said that Microsoft’s servers were subject to a so-called man-in-the-middle (MITM) attack, enabling hackers to intercept private emails between users.
A Microsoft spokesperson told CNBC they were aware of “a small number of customers impacted by malicious routing to a server impersonating Outlook.com.”
It is hard for a victim to detect this type of attack because the man-in-the-middle is often just eavesdropping and mining the data being sent. In this instance, hackers targeted the technology which communicates with Microsoft’s servers and enables users to access emails on their smartphones.
“We suspect that the Cyberspace Administration of China, which is directly in charge of censorship… is directly responsible for the MITM attack against Outlook, and the recent related MITM attacks in China,” Greatfire’s report said.
The attack follows a complete block of Google’s Gmail in China and highlights the way in which Chinese authorities are allegedly tightly controlling communication in the world’s second-largest economy.
“This new attack signals that the Chinese authorities are intent on further cracking down on communication methods that they cannot readily monitor,” Greatfire’s report added.
The watchdog called this form of attack – which affects mobile devices when emails are being downloaded automatically in the background – as “especially devious.”
“The warning messages users receive from their email clients are much less noticeable than the warning messages delivered to modern browsers,” Greatfire’s report said.
The Microsoft spokesperson added: “If a customer sees a certificate warning, they should contact their service provider for assistance.”
When a user opened their inbox on their phone, a message popped up which said the identity of the email server could not be verified. But the Greatfire report said consumers will “not think twice” before clicking the “continue” option on the error message as they would likely attribute it to a network problem.
If a user hit continue, their emails and login credentials would be in the hands of the hackers.
“We strongly recommend that users never bypass certificate error messages by clicking ‘continue’,” the report warned.