Office 365 Email Security Alert.
Here we have another example of a phishing or account hijacking attempts where the sender is spoofing an email pretending to come for Office 365. Not exactly a new method but, we feel it’s important to remind our users that these types of emails tend to make the rounds now and then.
These emails are targeted at Office 365 users and we urge our Office 365 clients to please take note of these types of phishing scams. The email will redirect you to a none Microsft website requesting your username and password. If a user supplies the correct login credentials a bot will login to the Office 365 account of the user and downloads all contact information in the address book and then send the same email to all the contacts. It is not exactly sure what else they do with your account once they have the login credentials but a wealth of information is stored in your inbox from account information to financial statements that can be used to target you.
We urge our users to always be vigilant of any email requesting login information. There are a couple of variations of this email some saying that the account will be locked or the mailbox is almost full.
For more info please visit https://wireguided.com/2018/08/sample-fake-office-365-emails/
Please always follow these steps to identify hacking/phishing/scam emails.
1. Check if the sender’s address is legit. If you do not know the sender then do not comply with any request in the email.
2. The email will always be worded as something urgent that must be done.
3. The sentences in the email might be out of context.
4. Sentences that contain full caps wording.
5. Check for bad grammar and spelling.
6. Links in the email that redirect to a cloned website where the address in the address bar does not correspond to the website visited.