Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Next up in the FabCon + SQLCon recap series: The roadmap for Microsoft SQL and Maximizing Developer experiences in Fabric. All sessions are available on-demand after the live show. Register now

Reply
adm_dwier
New Member

Anonymous, public BI Dashboards are being used to circumvent phishing protections in email

‎06-11-2025 10:16 AM

Hello,

 

Scammers are getting people's credentials, and:

  1. Creating a new Dashboard with a link to a fake Microsoft logon page.
  2. Setting permissions on this dashboard to be public.
  3. Sending this link to 365 customers, which gets through 365 malware filters, since it's a link to a PowerBI dashboard

Needed:

  • Items created on platforms like PowerBI (or Word Online, etc) need to be scanned for links out to malicious sites
  • PowerBI dashboards need to have a way to identify the owner of the dashboard
  • All sharing platforms need a way to report malicious content. Currently, PowerBI has a 'report' button you can (eventually) find in the sharing menu, but it links to a technote that recommends using this community forum for support.

Example is below.

 

CAUTION, this is a live scam link (as of 11 June 2025) that lands on a PowerBI "dashboard" that holds one link to a fake Microsoft logon page:

 

https://app.powerbi.com/view?r=eyJrIjoiNDIzNTQ4MmYtYmJkMC00NjBhLTgzZDYtZmNkODAwZWRkMGNmIiwidCI6ImQ5Y...

 

This is a link that was sent to several of our employees by a third party, showing how PowerBI is being used as an intermediary to get around 365 mail protections and compromise Microsoft accounts - and we have no recourse, or way to report this to Microsoft.

Labels:
Message 1 of 6
3,039 Views
0
1 ACCEPTED SOLUTION
v-venuppu
Community Support
Community Support

‎06-12-2025 03:14 AM

Hi @adm_dwier   ,

Thank you for reaching out to Microsoft Fabric Community.

Thank you @GilbertQ for the prompt response.

Report the dashboard as malicious to Microsoft via:
https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site

 

Submit a detailed abuse case through:
https://msrc.microsoft.com/

 

I also recommend submitting your detailed feedback and ideas through Microsoft's official feedback channels, such as the Fabric Ideas - Microsoft Fabric Community

 

If this post helps, then please consider Accepting as solution to help the other members find it more quickly, don't forget to give a "Kudos" – I’d truly appreciate it! 

Thank you.

 

 

 

View solution in original post

Message 4 of 6
2,917 Views
0
5 REPLIES 5
v-venuppu
Community Support
Community Support

‎06-19-2025 01:00 AM

Hi @adm_dwier ,

We are following up once again regarding your query. Could you please confirm whether the issue has been resolved through your support ticket with Microsoft?

If so, we would appreciate it if you could share the resolution or any key insights here to benefit others in the community. If we don’t receive a response, we will proceed with closing this thread.

If you need further assistance in the future, feel free to start a new thread in the Microsoft Fabric Community Forum. We will be happy to support you there.

Thank you

Message 6 of 6
2,797 Views
0
v-venuppu
Community Support
Community Support

‎06-16-2025 12:42 AM

Hi @adm_dwier ,

Have you had a chance to raise a  ticket and resolve this issue? If so, please consider sharing the solution in the forum and marking it as accepted, this will help other members find the answer more easily.

Thank you.

Message 5 of 6
2,848 Views
0
v-venuppu
Community Support
Community Support

‎06-12-2025 03:14 AM

Hi @adm_dwier   ,

Thank you for reaching out to Microsoft Fabric Community.

Thank you @GilbertQ for the prompt response.

Report the dashboard as malicious to Microsoft via:
https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site

 

Submit a detailed abuse case through:
https://msrc.microsoft.com/

 

I also recommend submitting your detailed feedback and ideas through Microsoft's official feedback channels, such as the Fabric Ideas - Microsoft Fabric Community

 

If this post helps, then please consider Accepting as solution to help the other members find it more quickly, don't forget to give a "Kudos" – I’d truly appreciate it! 

Thank you.

 

 

 

Message 4 of 6
2,918 Views
0
GilbertQ
Super User
Super User

‎06-11-2025 03:09 PM

Hi @adm_dwier 

 

What would highly recommend if you're using this or business users, is to not use the publish to a feature which can allow such instances to occur, but rather to pay for the licensing so the users have to be authenticated before they can access the reports. This will ensure that there are only accessing reports in a secure manner.





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 3 of 6
2,971 Views
0
adm_dwier
New Member

‎06-11-2025 10:27 AM

I'll note that I've seen scammers using other services as web hosting for scam landing pages, this isn't just PowerBI. Adobe, DocuSign, Canva, etc. Since the links go to the real app, they're not flagged. It's the link that's hosted there that bounces the user out to a fake 365 logon page.

Message 2 of 6
3,033 Views
0

Helpful resources

Announcements
New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

FabCon and SQLCon Highlights Carousel

FabCon &SQLCon Highlights

Experience the highlights from FabCon & SQLCon, available live and on-demand starting April 14th.

March Power BI Update Carousel

Power BI Community Update - March 2026

Check out the March 2026 Power BI update to learn about new features.

View All