Sample Fake Office 365 Emails

Sample Fake Office 365 Emails

The bad guys have been targeting Microsoft Office 365 users lately with multiple phishing attacks. Below is a sample of what to be on the lookout for. I would recommend sending this article to your employees to improve security awareness.

Red flags

  • “From” email address is not a Microsoft address. Even if it does show a Microsoft address it could be spoofed.
  • It’s addressed to a generic person such as “Client” and not the recipient by name.
  • It doesn’t look polished as you would expect an email from Microsoft to be.
  • Sent with High Importance.
  • It contains an attachment. Microsoft will never send you an email with an attachment.
  • Involves a threat of data loss.
  • English may not be proper.
  • If you move your mouse on top of a link in the email without clicking in Outlook it will show where the link really goes (to the attacker’s web site).

I have highlighted these red flags in the samples below.

Sample Microsoft Office 365 Phishing Emails

 



 



 


 


 

 


 

-Tim

Office 365 Security