The security experts at Retarus are cautioning users about a particularly sneaky wave of phishing attacks: Personalized phishing mails with a deceptively realistic Microsoft design and layout are currently doing the rounds, amongst other things requesting recipients to enter and confirm their passwords. Retarus is therefore advising users to check any links contained in such messages with the utmost care.
The phishing email currently circulating has the subject line “Update Your Account Information To Avoid Service Suspension” and purports to be from the sender “Microsoft Office 365” (@office.com). In the email, recipients are instructed to update their user details stored with Microsoft Office 365. The link contained in the message leads to a website which resembles that of Microsoft with deceptive accuracy. The exceptional feature of this attack is that the email makes a credible impression by requesting that users enter their passwords twice for verification.
To safeguard against the dangers posed by these types of phishing attempts, increased vigilance and close attention to the plausibility of the message are essential. For Microsoft Office 365 users, when in doubt it is advisable to enter the Microsoft web address manually into the browser and log into the customer area there. Read more about how professional E-Mail Security Services can protect against such phishing attacks in our current press release.