Beware of phishing scams that appear to be from trusted vendors. We’ve recently noticed a spike in fake Microsoft notifications. Here’s a snapshot of what the email looks like:
Let’s dissect this email a bit to uncover some tell-tale signs of phishing scams:
- Who is the email from? In this case, the email is from firstname.lastname@example.org. This is the first clue that this is not an email from a real Microsoft employee…It is not from a Microsoft domain.
- Read all of the text – don’t skim. You’ll notice that there are numerous grammatical errors in the third sentence. It would seem very odd for a trusted vendor to employ personnel with such poor writing skills.
- Watch out for external links accompanied with an urgent call to action. This email is meant to scare you into clicking on a link which will take you to a fake sign-in web page where you could be further tricked to share your login information.
Always stop and pause before clicking on a link. If you’re ever uncertain of an email, don’t click on any links, simply contact a Dolphin on the help desk.
Take extra precaution and add Multifactor Authentication (MFA) to your Office 365 Account. Find out more at: http://www.smartdolphins.comblog/mfa/