In the past week, we have seen increased occurrences of elaborated scam emails with attempts to collect Office 365 credentials, so we find important to share tips on how to spot these threats.
Always verify the sender is valid. Specially the domain suffix. If its not a .com or .us there is your red flag.
DO NOT click on attachments or links. If you are in doubt, forward the email to your IT department or MSP provider. On the above sample, links were pointing to a site that looked identical to the Office 365 login page, it did have a valid SSL Certificate so it was deemed as secure but it was designed to steal office 365 logons. As of 10-27-2017 the set had been taken down already.
Why would someone want to gain access to random email addresses you may ask. A few examples:
A few steps that help protecting your systems against this threats are:
For more information or if you would like to get a FREE network assessment for your company. Please contact iEple LLC at (630) 634-5700 or make an appointment at http://book.ieple.com
We appreciate comments and questions.
Deploy dozens of computers in minutes with iEple's BioGreenPC
Enterprise I.T. Support for ALL