We are consistently seeing hackers trying new and advanced way to trick you into giving them your password!
I wanted to write a quick post to show you a couple of the new phishing scams going around so you can educate your self and help protect your business!
Office 365 Team fake email
This first one is a scammer posing as someone from Microsoft Office 365 team. They have done a great job.
They give you a sense of urgency by having the email marked for followup and also having a highlighted header that says “This message is from a trusted sender” to try and trick you into a false sense of security.
It may look like this in your inbox
The full email is done quite well and looks relatively legitimate. Please note, it is unlikely that you would ever get an email with this sort of message from Microsoft or the Office 365 team.
You will see in the image below, the from address is nicely done to look like it is from Microsoft
When looking at the content of the email, on first glance it looks like a legitimate email. The key things to be aware of here are
- Acceptable use policy and privacy notice links at the bottom do not actually have any links
- The “sign in to the customer portal” is an absoltuely dodgy link – this is where they will try and capture your username and password to compromise your account
TIP: if you hover your mouse over the “sign in to the customer portal” link, it will display the actual website address that it is trying to take you to. The important part to look at here is what comes before the “.com” as you can see in this picutre, it is trying to take you to a site that is giize.com which is definitely not a microsoft site.
I hope this post has given you some insight into some of the latest phishing email scams. Keep yourself protected and if an email looks suspicious, treat it that way!
We have some great tools to help train your staff and find where you are exposed to a phishing attack.
Please get in touch now to find out more!
Here is a great video from one of our security partners on phishing emails. I