Another public service announcement for you.

Just occasionally we come across something that we think that we ought to make our clients aware of and in this case we have something specifically for Office 365 users.

One of our clients has been sent the following email several times over a period of a couple of days. It is a pretty convincing phishing email and if you have every changed or cancelled an Office 365 subscription it does look like something that Microsoft might send you. It isn’t. The “Click here…” link takes you off to a hijacked server (now taken down) and asks you to log in with your Office 365 account details.

Office 365 phishing attempt

These phishing attempts must be targetted at email domains that have been tagged with the Office 365 DNS settings so this isn’t some random thing; they are selecting users/domains that are using Office 365 for their email so they know that you are half expecting to see emails from Microsoft about your account.

Ransomware is also as prevalent as ever. The last few emails we have seen have encrypted Microsoft Word template files attached to them. Again, please be very suspicious of any attachments – especially those purporting to come from courier companies, requests for quotations and the like.

by Mr T on Apr 4, 2017 at 4:41 PM


Comments are closed.