Receiving an email about supposedly inaccessible or blocked inboxes can be alarming, but it doesn’t hurt to think twice about the credibility of the email – especially if it involves clicking on unknown links.
MailGuard intercepted one such email today morning, the 13th of January 2020 (AEST). Purporting to be from Microsoft, the email actually comes from a single compromised email address. Both the ‘Subject’ and ‘To’ fields contain the email address of the recipient, while the email address used in the ‘From’ field is a forged one and uses a Microsoft domain.
The body of the email contains a header with the Microsoft logo and is titled ‘Email IT Support’. The email informs the recipient that ‘all old versions and non-active users from (12/01/2020)’ will be ‘closed’. It informs users that their account will be deleted if they don't confirm their email address. A button titled ‘Confirm’ is provided for them to do so.
Here is a screenshot of the email:
Unsuspecting recipients who click on the link are led to a login page containing the ‘Roundcube’ logo. This is a phishing page designed to harvest users’ email addresses & passwords.
Cybercriminals frequently exploit the branding of global companies like Microsoft in their scams, because their good reputation lulls victims into a false sense of security. Because of the large number of users globally, Microsoft is a regular victim of these scams.
The phishing email contains several typical elements that attempt to trick recipients into falling for the scam:
- use of a major brand name to inspire false trust; the incorporation of Microsoft’s Email IT Support,
- and attempt to alarm; telling the recipient that their accounts may be ‘automatically deleted’ after 22/01/20 creates a sense of urgency, motivating the recipient to click on the malicious link.
Despite these elements, the email in itself contains several tell-tale signs that commonly belong to fraudulent emails and should help eagle-eyed recipients point to its illegitimacy. These include the fact that the login page’s URL doesn't point to Microsoft's legit domain.
Phishing continues to be one of the most prevalent forms of cyber-crime. The vast majority of online scams - more than 90% - are perpetrated using email, so it’s wise to always be skeptical of messages from unfamiliar senders asking you to log into your accounts.
Phishing attacks can be enormously costly and destructive, and new scams are appearing every week. Don’t wait until it happens to your business; protect your business and your staff from financial and reputational damage, now.
Defend your inbox
Speak to the MailGuard team today to learn more how MailGuard's predictive and advanced email security can help protect your business for a few dollars per staff member per month.
Talk to a solution consultant at MailGuard today about securing your company's network.
Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.