Phishing scams very often imitate legitimate Microsoft Office365 email notifications.
The Scam email uses a deceptive “From” name (“Quarantine Timer” in our example) but note the “From” email address is definitely not from Microsoft and is almost always sent from another account that fell victim to the same scam. Many of these scams claim your password is expiring or to be holding “important” emails in an effort to lure you into taking the next step in the phishing process.
Clicking any link in the email sends you to the phishing site where the scammer hopes you’ll enter your email password.
Notice the scam email is designed to automatically include your actual email address on the phishing site, leaving you to only enter your password. Like many phishing sites, it accurately mimics the Microsoft website with the logos and sign in page. If you’re not paying attention to the address bar, it would be easy to get fooled. Legitimate Microsoft login sites only begin with https://login.microsoftonline.com.
If you’ve fallen to one of these scams, time is of the utmost importance, in a race to reset the password and secure the account before the scammer can do their damage.
Coastal PC Support employs a number of protective measures to protect our clients from these scams. If you have any concerns or questions please let us know.