Below are two emails alleging to be Office365 informing the recipient of undelivered messages.  Can you spot which one is the phishing scam?


Email 1

Email 2

If you guessed that Email 1 is the phishing scam, you are correct! 

In a new phishing scam targeting Office365 users, hackers are attempting to steal login credentials to infiltrate business’ systems. When the user clicks “Send Again”, it takes users to a fraudulent Office365 login screen. After the information is entered, the site redirects to outlook, leaving the user believing they are in no danger.

This is an example of a high-level phishing scam. 

Quick Ways to Identify Phishing Scams

1. Always look at the URL

If the URL looks in any way incorrect, don’t enter your account information.

If redirected in this case, the URL on the fraudulent landing page is incorrect.

2. Specificity

Phishing scams will generally omit specific names, addresses, or titles and use phrases like “Dear User”

In this case, the email says “Your messages couldn’t be delivered” rather than “Your message to couldn’t be delivered.”

3. Display Name

Make sure that the display name matches the URL from the email.

In the fraudulent email, the address is sent from the URL, rather than as from Microsoft Outlook. 

What can you do?

“Education and vigilance are the best line of defense against these types of attacks,” said Steve Condit, Director of Partner Development for ITonDemand. Keeping you and your staff informed on what to look for is the most effective way to stay secure. 

If you have fallen victim to this scam, the best course of action is to make sure you change the affected passwords as well as any accounts or applications that may have been connected to the affected email address. 

If you still have concerns on how to keep your business secure, contact us here.

Other Articles You Might Be Interested In:

What is an MSP?

What is an MSP?

Businesses are switching to MSP-style services. ITonDemand takes this approach because we know you have enough to focus on in your business, without having to worry about IT issues. So that leaves one question: What is an MSP? MSP stands for Managed Service Provider....

read more
Office 365 Delivers New Tips and Training To Your Users

Office 365 Delivers New Tips and Training To Your Users

Notice: If you receive Office365 through ITonDemand, you and your staff will start receiving emails from Microsoft as part of a special Microsoft Partner program.  On Nov. 29th, 2018, Microsoft will start to send these emails. These emails will be tips and training...

read more

Have a Question?

How would you generally categorize your question?