Lets look at an old fashioned phishing email.
An old, old, phishing scam is the fake email attachment and one we have not seen for a while is the fax! A lot of companies no longer have a fax machine but can receive emails through online fax services through their IP phone systems. This is one we received today. Like a blast from the past, who can resist looking at a fax?
You never know, it might be real so we ran the link on a quarantined machine just in case. We have a lot of faith in Malwarebytes Endpoint Protection (for which we are a reseller!) this is what we saw when we tried to open the fax.
So far so good. Lets click the link to view our document.
A fake Office 365 login!!!!
You can tell easily. Look at the link below. Notice the start of the link has nothing to do with Microsoft or Office. What the heck is maxtelhados?
Now look at a genuine office 365 login. Notice the start of the link says login.microsoftonline.com
A few minutes later, Google Chrome is flagging the page as more than a bit suspect.
What would have happened if we had signed in? Well, we would have given away our email address and password. Two vitally important pieces of information that can be used in a wide variety of fraud and theft.
I think I miss all those offers of millions of dollars from Africa! 🙂