Outlook “mail issues” phishing – don’t fall for this scam!

Apart from some slightly clumsy wording (but when was the last time you received an email about a technical matter that was plainly written in perfect English?) and a tiny error of grammar, we thought it was surprisingly believable and worth writing up on that account, to remind you how modern phishers are presenting themselves.

Out are the implied threats, the exclamation points (!!!) and the money ($$$) you might lose if you don’t act right now; in are the happy and unexceptionable “here’s a problem that you can fix all by yourself without waiting for IT to help you” messages of a sort that many companies are using these days to reduce support queuing times.

Yes, you ought to be suspicious of emails like this. No, you shouldn’t click through even out of interest. No, should never enter your email password in circumstances like this.

But the low-key style of this particular scam caught our eye, making it the sort of message that even a well-informed user might fall for, especially at the end of a busy day, or at the very start of the day after.

Here’s how it arrives – note that in the sample we examined here, the crooks had rigged up the email content so that it seemed to be an automated message from the recipient’s own account, which fits with the theme of an automatic delivery error:

I​n​c​o​m​i​n​g​ ​m​e​s​s​a​g​e​s​ ​f​o​r​ [REDACTED] c​o​u​l​d​n​’​t​ ​b​e d​e​l​i​v​e​r​e​d​.

This message was sent in response to multiple incoming messages being rejected consistently from 2:00 AM, Wednesday, August 19, 2020.

To fix, recover and prevent further rejection of emails by our server, connect to your Company-Assigned OWA portal securely below.

Only if you were to dig into the email headers would it be obvious that this message actually arrived from outside and was not generated automatically by your own email system at all.

The clickable link is perfectly believable, because the part we’ve redacted above (between the text https://portal and the trailing /owa, short for Outlook Web App) will be your company’s domain name.

But even though the blue text of the link itself looks like a URL, it isn’t actually the URL that you will visit if you click it.

For the full article: https://nakedsecurity.sophos.com/2020/08/21/outlook-mail-issues-phishing-dont-fall-for-this-scam/

Get In Touch

Share On Social Media

Other Recent Blog Articles

Safeguard Your Small Business: The Vital Role of IT Managed Services in Preventing Catastrophic Outages

April 12, 2024

In the fast-paced world of modern business, the reliance on technology has never been more significant. However, with this reliance comes the looming threat of cyberattacks, as evidenced by the…

Read More

Podcast Part 2: Special Episode – Aura Aesthetics

April 4, 2024

Welcome back to Breaking down I.T. with Steve and our special guest, Aura Aesthetics. Shifting our focus from skincare solutions, let’s delve into the realm of data security and HIPAA…

Read More

How AI is Revolutionizing Cybersecurity for Non-Technical Small Business Owners

April 3, 2024

In the fast-paced digital landscape, the undeniable rise of Artificial Intelligence (AI) has significantly reshaped the realm of cybersecurity, impacting small businesses in profound ways. For non-technical small business owners,…

Read More