![]() ![]() Hovering the mouse cursor over this hyperlink clearly shows that it does not direct to anything on the Office 365 system but rather a website that we would be more than willing to bet is chock-full of malware, if not ransomware designed to steal your personal data or encrypt your files and hold them ransom. Their hope in doing this is to direct the victim to click on the hyperlink in the bottom of the message. The phishing message, however, uses different verbiage and only lists the arbitrary number of “Total Held Email” at 16 along with the current date. The hyperlink option go to an hyperlink (you can see this by hovering over the links in the email), which a legitimate Microsoft domain. options to click hyperlinks to release the message to the inbox or mark it as not junk.the date and time that the message was received. ![]() If you compare the two photos, you’ll notice that the legitimate SPAM summary lists out: The real message has much more detail and is not as secretive about the data being conveyed as the phishing attack is. Observe the different layouts of the message. The next way the attacker hoped to catch the victim unawares was to use a legitimate looking layout and contents. For example, someone trying to impersonate Microsoft may use an email address, hoping the victim wouldn’t notice the “o” replaced with a zero. While it didn’t happen in this case, it’s not uncommon for cyber criminals to use email domains that look very similar to the domain of the company they are attacking or the company they are impersonating. In our example of a legitimate Office 365 SPAM summary message, we see that the email address that any SPAM notifications will come from is actually So, the attacker did a great job picking an email address that would be easily glanced over in hopes that the mind’s eye wouldn’t notice the discrepancy. The email address of might be completely overlooked by someone who didn’t pay close attention to it. The first way that the phisher tried to lure the victim in was to use an incorrect but appealing email address to pose for the Office 365 SPAM filter email address. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |