Facebook alerted me that some SSL certificates have been issued that potentially phish one of our domains:
The detailed view for one of these entries is as follows:
When I access one of these domains, it forwards to our actual domain.
There are plenty of resources online about the risks that are involved if this is, indeed, the beginnings of a phishing attack. However, we're a low-reward target, so it's unlikely that someone is attempting to perform a phishing attack.
We don't use Microsoft's cloud, and I'm not very familiar with it. Is there a simple, innocuous explanation for the possible purpose of these domains and associated certificates? We provide a SaaS product and do work with partners to fulfill certain parts of our system. Perhaps one of our partners uses Microsoft cloud and their system caused these domains and certificates to be generated?
I'd ask Microsoft, but since we're not a customer of theirs, they won't help us... ♂️