A pretty creative new scam to be aware of…
So I had one of my clients call in to advise that the Office 365 subscription was expiring and that they received a notification email to click a link for renewal. Here’s what it looks like –
Pretty well crafted. You’ll notice that the link has Microsoft spelled wrong and its quite easy to miss. Since the brain is already familiar with the term it fills the missing letter ‘f’.
If you notice the email address it comes from, it’ll say something like firstname.lastname@example.org.
This is not a Microsoft domain although it appears plausible to innocent onlookers and non IT people. I managed to trace the domain. The person who sent it used a gmail server to authenticate, then spoofed the domain to send this email. In my case, I traced the sender down to Germany, found the public IP of the sender, then provided that to the hosting Internet service provider in Germany.
Now hopefully they do something about it! DO NOT action this email or click the link. I do not know the result of this as I haven’t really bothered trying it out. Chances are that it can perform some form of malware infection. Just delete the email if you see it.
Find the post useful? Like and spread the word 🙂