The latest scam email campaign reported by MailGuard may steal your Microsoft login details.
Email security provider MailGuard has warned of a phishing campaign of fake emails purporting to link to a Microsoft Dynamics invoice.
The scam is designed to steal victims’ Microsoft login credentials – which could potentially give the perpetrators access to any Microsoft service connected to the account, possibly including Outlook emails, Office 365 documents and OneDrive files.
Thankfully, the fake email is “not very well designed”, according to MailGuard, and the sender’s email address uses the mylocustpoint.org domain, which has nothing to do with Microsoft.
That said, the email uses the Microsoft Dynamics brand and could catch out inexperienced users or those not paying close attention. And clicking the link in the email takes the user to a fake login page that looks like a Microsoft sign-in page.
Fake emails that masquerade as trusted brands are now a very common trick used by scammers. They’re often quite realistic, so it’s advisable to take measures to protect your devices and your business:
- Be vigilant when checking emails and look for signs of fakes. One potential clue is that the email doesn’t address you by name, but instead has a generic salutation such as “Dear Customer”.
- Similarly, check who’s sending you the email. Scam emails and spam often come from odd email addresses, though be aware that legitimate email addresses can be forged. So avoid messages that fail this ‘sniff test’, but don't assume that you can trust all emails that pass it.
- Only click links from trusted senders. You can check a link by hovering your mouse over it, which reveals the real destination in your browser or email client. Again, it’s not perfect, because many organisations use email distribution services that replace the actual links with tracking links.
- Never open an attachment that is a .zip file or .exe file unless you are expecting it. We’d go even further, and suggest that all unexpected attachments be avoided, because there are ways of embedding malicious code into other types of file.
- As always, security software can help protect your system against malware, though not necessarily against all email scams. For businesses, email security services such as MailGuard specialise in detecting spam and malicious email, and preventing them from reaching your inboxes.
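The checklist above can be run mechanically. The following Python script is an added example, not code from the article or from MailGuard: it parses a message with the standard `email` library and reports which tells it trips (sender domain not matching the claimed brand, generic salutation, links pointing away from the brand, .zip/.exe attachments). The brand-to-domain allow-list and the sample message are constructed for the demo; only mylocustpoint.org comes from the article.

```python
import re
from email.message import EmailMessage
from urllib.parse import urlparse

# Assumed allow-list for this demo: brand keyword -> domains that brand genuinely mails from.
BRAND_DOMAINS = {"microsoft": ("microsoft.com", "microsoftonline.com"),
                 "westpac": ("westpac.com.au",)}
GENERIC_SALUTATIONS = ("dear customer", "dear user", "dear valued customer")
RISKY_EXTENSIONS = (".zip", ".exe")


def _host_belongs_to(host, domains):
    return any(host == d or host.endswith("." + d) for d in domains)


def phishing_indicators(msg):
    """Run the article's checklist over a parsed message and return the tells it trips."""
    found = []
    sender = (msg.get("From") or "").lower()
    sender_host = sender.rsplit("@", 1)[-1].strip("> ")
    subject = (msg.get("Subject") or "").lower()
    brands = [b for b in BRAND_DOMAINS if b in subject or b in sender.split("<")[0]]
    # 1. The sender claims a brand, but the address's domain is not one that brand uses.
    for brand in brands:
        if not _host_belongs_to(sender_host, BRAND_DOMAINS[brand]):
            found.append(f"sender domain '{sender_host}' is not a {brand} domain")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    # 2. A generic salutation instead of the recipient's name.
    if any(s in text.lower() for s in GENERIC_SALUTATIONS):
        found.append("generic salutation")
    # 3. Links whose real destination is not the claimed brand's domain.
    for href in re.findall(r'href="([^"]+)"', text, flags=re.I):
        host = (urlparse(href).hostname or "").lower()
        for brand in brands:
            if not _host_belongs_to(host, BRAND_DOMAINS[brand]):
                found.append(f"link to '{host}' is not a {brand} domain")
    # 4. Archive or executable attachments.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            found.append(f"risky attachment '{name}'")
    return found


def sample_message():
    """Constructed lookalike of the invoice lure described above (not a real sample)."""
    msg = EmailMessage()
    msg["From"] = "Microsoft Dynamics <billing@mylocustpoint.org>"
    msg["Subject"] = "Your Microsoft Dynamics invoice is ready"
    msg.set_content("Dear Customer, your invoice is attached.")
    msg.add_alternative('<p>Dear Customer,</p><a href="https://login.example.net/ms">'
                        'View invoice</a>', subtype="html")
    msg.add_attachment(b"PK\x03\x04", maintype="application", subtype="zip",
                       filename="invoice.zip")
    return msg


if __name__ == "__main__":
    for tell in phishing_indicators(sample_message()):
        print("-", tell)
```

Real mail gateways add sender authentication (SPF, DKIM, DMARC) and URL reputation on top of these content checks; this script only shows the content-level tells the article lists.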
MailGuard regularly reports malicious campaigns masquerading as trusted brands, such as the ATO, ASIC, Telstra, CPA Australia, EnergyAustralia, Xero, MYOB, Commonwealth Bank, Netflix, Amazon and many more.
Here are some previous reports from earlier this year.
Bogus Westpac and MYOB emails
12 February 2018: MailGuard has warned of two new email scam campaigns, with one purporting to be from Westpac and the other masquerading as an MYOB invoice.
The fake MYOB email is well written and formatted, and appears to come from a genuine email account belonging to a company called Craftedeals. It’s not clear whether the sending address has merely been spoofed (something that's trivially easy to do) or whether that account has been compromised.
As we’ve pointed out previously (see below), scam emails often come from odd email addresses, and that’s the case with fake Westpac emails from the westpac.co.kr domain and the associated phishing site using westpac.com.
According to the real Westpac site, “Westpac will never ask you to update, verify or correct any Online Banking details directly into an email reply.”
Fake Suncorp 'wire transfer notification'
29 January 2018: MailGuard has warned of a scam campaign with fake emails purporting to be a Suncorp Bank wire transfer notification.
There are tell-tale signs that this email is a scam, with poorly written text and the sender’s email address unrelated to Suncorp. However, other email scams are often more realistic, so you (and your staff) need to be prepared.
Fake MYOB ‘invoices’
24 January 2018: MailGuard has warned of a scam campaign with fake emails purporting to be an MYOB invoice notification.
The campaign closely follows a similar email campaign ‘brand-jacking’ Telstra.
Fake ATO emails
18 January 2018: A campaign of fake emails purports to come from the “Revenue Collection Agency” and features the Australian Taxation Office brand and the Commonwealth Coat of Arms, according to MailGuard.
As MailGuard pointed out, the ATO has told taxpayers that it won't (among other things) “send downloadable files or tell you to install software”. It’s not the first campaign of fake ATO emails either.
These are just some of the many scam warnings from MailGuard that we have covered.