The latest phishing email to be blocked by MailGuard attempts to steal email login credentials by mimicking Microsoft Outlook and preying on the user’s sense of trust in the brand. Although at first glance, the email could be mistaken for one that has come directly from Microsoft, upon closer inspection, there are a few tell-tale signs that show it’s a scam.
The email’s subject line reads “warning conference please take action” – the incorrect grammar and poorly worded sentence are just the first red flag. The sender’s name show’s “server IT”, however, the email comes from “support(at)losvegas(dot)es” which is a Spanish hosted domain and is certainly not Microsoft branded.
The email content shows the Microsoft logo, and the body explains that “some messages are restrained from delivery to” the user’s email address, then continues on that “Due to low bandwidth, we notify you to take prompt actions”. The user is then given the option of selecting one of two buttons to “Release Messages” or “Review Here”.
Here’s what the email looks like:
After clicking on either of the buttons, the user is redirected to the phishing site which is cleverly crafted to look like an Outlook Web App login page. The user is instructed to enter their username and password to sign in.
When the user enters their email address and password, an error explains that the details were incorrect and to try again. By this point, the user’s details have already been harvested.
Although the scam is simple in nature, email accounts are the core of our digital identities. When they’re compromised, cybercriminals have immediate access to our contacts, and an opportunity to hack other personal accounts, such as social media or banking.
MailGuard strongly recommends all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being.
MailGuard urges users not to click links or open attachments within emails that:
- Are not addressed to you by name.
- Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.
- Are from businesses that you were not expecting to hear from, and/or
- Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.
One email is all that it takes
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.
