05 Oct Beware of This Current Email Scam
There’s no way you’d ever give someone your Microsoft username and password, right?
Unfortunately, phishing attacks are becoming so sophisticated, even the most suspicious of email users are falling victim.
In the last couple of months, we have helped a growing number of people who have inadvertently given their Microsoft login details away because the emails requesting them were so clever.
The main thing that fools people is the fact the emails look like they come from a trusted source such as a client or customer or a source that could feasibly be emailing them. Plus, the emails were cleverly worded and formatted so they appeared to be making a request that seemed genuine. Often, the recipients have been asked to sign in to retrieve documents online.
Unfortunately, the people who have been fooled by this scam have, as a result, given away their email password and their account has subsequently spammed their contacts. At worst, the scammer has been able to access sensitive data, but even if they’ve only gathered information from the PCs they’ve hacked, they make businesses look unprofessional. If your customers receive spam emails from you, they may question the security of your systems and how careful you are with the information you hold about them.
The most important thing to remember is this – unless you have made prior agreements with your contacts, they would never have you sign into Microsoft via an email you have received.
Also, look out for the following:
• What’s the sender’s email address? In a phishing email, the email address often does not match the signature in the body of the email.
• Do all links in the body of the email point to websites that are associated with the sender? Links to third-party
sites are cause for suspicion.
• Treat all requests for personal information or asking you to click on a link and log in with caution. Most
organisations, Microsoft included, would never ask you to log in to a site via email.
• What’s the greeting in the message? If it doesn’t contain your name, it’s likely to be a scam.
• Errors in spelling, grammar and formatting are also clues that the email is suspicious.
If you would like more information about protecting your systems and data, contact us. We can offer advice about data security and suggest systems that meet the needs of your business and budget. We look forward to hearing from you.