Phishing scam masquerades as Microsoft
Australians are warned of a new Microsoft-branded email scam that could give scammers access to your passwords.
The phishing email scam was intercepted by MailGuard, which said it was a good reminder of the importance of thinking twice before clicking links in an email, even if it appears to be sent by a legitimate sender.
The subject line of the email was “Invitation to Bid” and invited the recipient to submit a proposal “in accordance with a Request for Proposal Package”.
The emails go on to explain that due to the size of the electronic documents, they were uploaded to SharePoint – a popular web-based collaborative platform from Microsoft.
SharePoint is commonly used by many businesses as a legitimate way to share large files.
The scam email provides a link for the recipient to view the documents and tells the recipient that they have two business days to submit the proposal.
However, the email is actually from a compromised email account.
“Unsuspecting recipients who click on links to view documents are directed to an intermediary page that asks them to click on another link in order to ‘see the proposal’,” MailGuard said.
“This page includes the Adobe Spark logo and trademark.
When a recipient clicks the link, they’re taken to what appears to be a login page. However, although the page bears the Microsoft logo and trademark, MailGuard cautions that the domain is not owned by Microsoft.
MailGuard said this was a red flag that the page is illegitimate and is in fact a phishing page hosted by Cloudfare.
If a person tries to log in, their credentials are harvested by the cybercriminals behind the scam.
“While MailGuard prevents this email scam from reaching Australian businesses, we encourage all users to exercise caution when opening messages and be very vigilant against this type of cyber attack,” MailGuard said. .
“If you’re not expecting a file from the sender, don’t open the email, download files, or click links.” Check with the sender first, even if they are known to you.