Office 365 Message Center - Regain your inbox access - phishing scam
While phishing scams are commonplace and in general, savvy web users
know what to look out for, for many there's still that 'double-take'
moment when a speculative scam email resonates.
This morning one landed in my Inbox and whilst rudimentary in its
appearance compared with more carefully designed phishing scam emails,
the approach of this one is subtle enough to make it worthy of a quick
mention.
So here's the email:
The Breakdown: (numbers explained)
The immediate tell-tale sign of a phishing email.
This has not come from the official Microsoft domain name. In fact they
haven't even bothered to try registering a domain name with 'Microsoft '
in it.
They've been clever about the nature of the approach here.
The wording sounds like a security email would. It talks in general
terms about what 'could' be the cause of this issue and claims to have
blocked the attempt for you. How very helpful of them...
So here's the thing...
After attempting to gain your trust by taking protective action to keep
you safe, they attempt to abuse that trust by getting you to click the
'Restore Access' button.
Hovering over the button in Microsoft Outlook reveals the link behind it
(below - copied into Notepad and screengrabbed/blanked out).
As you can see, the domain name used is NOT an official Microsoft one, despite a weak attempt at including the word 'Office'.
What happens when you click on it?
Don't bother finding out! Clicking it will most likely result in
notifying the scammer that stage 1 of their attempt to steal your info
was successful, and lead you to a website that looks like a reasonably
genuine Office365 page, where it will ask you to login to 'restore your access' or suchlike.
If you don't, you'll have already flagged youself as a potential target, opening yourself up to more attempts in future.
Here's how to deal with it.
Report it to Microsoft by either creating a blank email to [email protected] and sending the phishing email to them as an attachment, or by using the tools available in either Microsoft Outlook or Outlook on the web, as detailed here.