Yesterday I posted about what to look out for in a phishing attack and today I received a well timed example :).
Our Advanced Email Security Solution quarantined the offending email, but in this instance, it would have been quite easy to spot. Note that it is not always this easy however. This particular email wanted the recipient to think that their Microsoft password had expired and to click on the Keep your Password Now link in order to capture their login credentials.
Check it out below!
Firstly the Sender name was Remind. Usually one would expect to see the person or department in this field.
The Sender email address showed up as firstname.lastname@example.org. As the email wants us to believe that it is from Microsoft, one would expect to see microsoft.com as the domain (part after the @ in the email address), not to even mention the vanityfair or newsletter parts..
With any correspondence regarding your password, always check that you are the only recipient in the To field. In this case I had a suspicious public email address email@example.com and I was copied not even the main recipient.
Any business, especially large corporations like Microsoft, will not send you a message in a different language to what is listed in your account. The original message was sent in Japanese and translated into English by Outlook.
Poor English usage is a quick giveaway
Misspelled words is another giveaway
It is obvious that the hackers simply used the domain as the company name. I would have expected the company name to start with a capital letter.
Lastly, the link - when you hover your mouse over the link, before clicking, it will give away the true address of where the link leads to. In this case it would have taken me to muhasebex.com which is obviously not associated with Microsoft in any way shape or form.
Till next time, keep safe and do not click on any suspicious links received in your email or via text messaging!