Cybercriminals frequently exploit the branding of global companies like Microsoft in their scams, because their good reputation lulls victims into a false sense of security, and with such a large number of users they are an easy and attractive target. The use of well-known brand names, like Microsoft also serves to inspire false trust, boosting the email’s credibility. Therefore, notifications like the above aren't likely to raise any alarm bells when they appear in an inbox, motivating users to click on the provided links. With workforces becoming more remote in light of COVID-19, it is common for employees to email confidential business documents, like reports, to one another. Scams like these have a high likelihood of successfully tricking users, especially in the current climate. Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not open or click them. Once users enter their email and password, the attackers harvest them for future use, and the user is met with an error saying that the credentials are invalid, as per the below: As in the example below, inserting an email address brings up Google’s logo:īoth these ‘login’ pages are actually phishing pages hosted on a compromised website. Interestingly, this page displays the logo of the email service provider entered on the previous page. This page employs Microsoft Office 365’s logo, and is designed to look like a legitimate login page, complete with support links and a safety disclaimer claiming that 'this site is protected by reCAPTCHA'.Īfter users enter their ‘business email’ as required above, they are led to a similar page asking them for their password. Unsuspecting recipients who click on the link to view the message are led to a login page asking them to ‘sign in to continue’. The email body ends with a signature of an ‘Operations Officer’ from a company based in Australia. Sent from a compromised account, the email claims to deliver a ‘copy of a report’, directing recipients to click on an included link in order to view it. IMPORTANT: The server that hosts your mailbox may have junk email filtering settings that block messages before they reach your mailbox.MailGuard has intercepted a phishing email that purports to be an automated file-sharing alert in order to deceive users. Messages received from any email address or domain in your safe senders and recipients list are never sent to your Junk Email folder. Safe recipients are recipients that you don't want to block, usually groups that you’re a member of. Safe senders are people and domains you always want to receive email messages from. In addition to Safe Senders and Recipients and Blocked Senders, you can use this setting to treat all email as junk unless it comes from someone included in your Safe Senders and Recipients list. For more details, see Blocked senders.ĭon’t trust email unless it comes from someone in my Safe Senders and Recipients list or local senders Messages received from any email address or domain in your blocked senders list are sent directly to your Junk Email folder.
For more details, see Safe senders and recipients.īlocked senders are domains and people you don't want to receive email messages from. If you select this check box, email from any address in your contacts folders will be treated as safe. For more details, see Safe senders and recipients. Add senders you trust and recipients that you don't want to block to this list. Safe senders and recipients are domains and people whose email you don’t want diverted to your Junk Email folder. This filter is in addition to the junk email filter that’s been set by your administrator. Select this option if you want to use junk email filtering. Warning: If you select this option, email detected as spam by Exchange Online Protection will be delivered to your Inbox if the spam action set by your administrator is to move these messages to the Junk Email folder.
0 kommentar(er)
