Targeted at Office 365 users
Over the weekend we have seen several instances of fake Office 365 emails being sent to our customers encouraging them to click on a link to prevent their account from being suspended.
The email seems to be sent out randomly and is not just targeting Office 365 mailboxes, many users are not aware of what their actual email system is so this really affects all email users.
An example of the phishing email is below, if you look at the from address you can see that while it suggests that it’s from Microsoft, the domain shows that it’s not (ucdenver.pvt) which would be the first sign that something is not quite right.
Also when hovering over the “confirm email now” button the domain also shows a non-Microsoft domain
We believe that the phishing email, once clicked, takes you to a website which attempts to infect your machine with a Trojan, which then attempts to steal or encrypt data on your machine.
This is just another example in a long list of every increasingly sophisticated phishing emails which are targeting end users by trying to identify with them to make it more convincing.
If you are an Office 365 customer you can help Microsoft identify and reduce phishing emails by forwarding the email, as an attachment, to the following email address; firstname.lastname@example.org.
To see our advice on how to reduce the potential to falling victim to this type of malware, please see this previous post.