Receiving an email about supposedly pending or inaccessible messages can be alarming, but it doesn’t hurt to think twice about the credibility of the email – especially if it involves clicking on unknown links.
MailGuard intercepted a phishing email that uses the display name “Mail Delivery System”. The email forges the recipient’s address as the envelope address. It is titled “You have 8 pending emails for…”, along with the recipient’s email address. The email body includes a header with the words “Office 365” and informs users that they have “8 pending emails” from their “organization”. A button is provided for users to “review messages to release or block them”.
Here is a screenshot of the email:
Unsuspecting recipients who click on the link to review these messages are led to a page that is hosted on a domain not belonging to Office 365, as per the below:
The word “Outlook” is included in the page, with a sign-in message at the bottom, containing the Microsoft logo. This message directs users to enter their password and sign into their accounts in order to proceed, as per the below screenshot:
This is a phishing page designed to harvest users’ passwords. MailGuard urges all recipients of this email to delete it immediately without clicking on any links.
The phishing email contains several typical elements that attempt to trick recipients into falling for the scam:
- purporting to be from a relevant authority to inspire false trust; the use of the ‘Mail Delivery System’ display name,
- the inclusion of the recipient’s email address both in the email’s subject and body; this implies that the email is indeed targeted at the recipient and is not a generic notification, thereby boosting its credibility,
- and attempt to intrigue; telling the recipient that they have pending messages from their organisation creates a sense of urgency & intrigue, motivating the recipient to click on the malicious link.
Despite these elements, the email in itself contains several tell-tale signs that commonly belong to fraudulent emails and should help eagle-eyed recipients point to its illegitimacy. These include the fact that the link to the phishing page is a suspicious one, and that the phishing page itself, while containing the Microsoft logo, does not look like an official sign-page belonging to Microsoft.
Phishing continues to be one of the most prevalent forms of cyber-crime. The vast majority of online scams - more than 90% - are perpetrated using email, so it’s wise to always be skeptical of messages from unfamiliar senders asking you to log into your accounts.
Phishing attacks can be enormously costly and destructive, and new scams are appearing every week. Don’t wait until it happens to your business; protect your business and your staff from financial and reputational damage, now.
Please share this alert with your social media network to help us make more people aware of the threat.
Don't get scammed
If your company’s email accounts aren’t protected, emails like these are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
One email is all that it takes
All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.
Talk to a solution consultant at MailGuard today about securing your company's network.
Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.
