Red Flags for the latest Phishing Scam – “Office 365 Account Compromise”

November 7, 2017 8:20 am

Are you one of the 70 million active users of Microsoft’s Office 365? Since 1 in every 5 corporate employees and most federal and governmental employees use this, you are not alone if you have fallen prey to the latest phishing attack. According to the Better Business Bureau, “Scammers send an email claiming to be from Microsoft and notify the user that their account has been suspended. The message then states that in order to take action, you must click on a link in the email. Once the user has clicked on the link, they are asked to provide their login credentials. If the user follows through, their account is compromised. This will only allow the criminals to gain access to the user’s contacts, but also to confidential information about your company that could leave it susceptible to internal hacks.” How can you tell whether an email is real or a phishing attempt by scammers? First and foremost, specific to this particular phishing scam, Microsoft does not issue suspension notices by email. Second, there are tell-tale signs of a fake email.

 

These Red Flags should put you on alert:

 

  • You don’t recognize the sender’s email.
  • The sender’s email is from a strange domain name.
  • The email seems to be from someone you know but it is out of the ordinary that they would send you an email of this kind.
  • The email has an embedded hyperlink.
  • The email is addressed to an unusual mix of people or people who have no connection to you.
  • When you hover your mouse over a hyperlink that’s displayed in the email message, the link-to address is for a different website.
  • The hyperlink has a misspelling of a common website.
  • The email is blank except for the hyperlink.
  • The email was sent at an unusual time for business – say 4 am.
  • The email is a reply to something you never requested.
  • You notice an attachment with a possibly dangerous file type. The only file type that is always safe to click on is a .txt file.
  • The title of the email claims a negative consequence will happen if you ignore the email.
  • The email has bad grammar or spelling errors.
  • You have a gut feeling that something seems illogical or off by the sender, content, addressee, or other item.

 

Want to know more about phishing scams and how to protect your business? Call M&H Consulting at 1-(866)-964-8324 or visit our website at http://www.mhconsults.com

Categorised in: ,