This morning I woke up to a very interesting phishing email. I never blog about phishing attacks but I found this one particularly interesting as it was spoofing Microsoft account services.
Identify the Phish
Phishing emails are always getting more creative. Sometimes it is hard to spot a fake from a legitimate email. But there are always a couple of tells on a fake email. The one I received this morning had a few.
The first was the email address. Despite it displaying outlook.com the part to the left of the at symbol read “outlooo.teeam”. This was the first red flag.
The second red flag is the sketchy use of the English language throughout the body of the message itself. It just doesn’t read well.
Then comes the Verify Your Account button. This was the ultimate red flag. Without clicking I hovered my mouse pointer over the button. It revealed where it was going to take me. Even if the email address had been formatted better and the body of the message was grammatically correct the link was the surefire tell. In the screenshot above I superimposed the link so you can see where it was taking me. Clearly not a Microsoft site. But some site in India.
The final red flag was the trademark symbol at the end of the message. I have no idea why the word “team” (or perhaps the entire phrase) is a trademark.
Now that we have identified a phishing email what’s next? I recommend reporting it to your anti-spam provider. Below are the steps for reporting it to Microsoft. If you have a 3rd party vendor for spam, check with your system admin on how to submit messages to them for analysis.[Read more…] about Don’t feed the Phish