Password expirations are a common security measure used by organisations to protect accounts and their sensitive information. The idea is that by regularly changing your password, you reduce the risk of someone accessing your account without authorisation – unless you fall for a phishing scam.

Cybercriminals are well aware of this practice and are using it to their advantage in their attacks.

Today, MailGuard began blocking a new phishing scam that impersonates Outlook and has the subject “Expiration Notice”, followed by the recipient’s email address. The email uses a small fake Outlook logo, and aside from this is all plain text and relatively brief, which is in line with what you would expect from a password expiry alert. The recipient is warned that their email expires today, and in order to update it, they’re directed to click a link that appears as though it should take them to a company page.

After clicking the link, the user is taken to a phishing site that masquerades as a Microsoft Outlook Web App login page. The site’s design has been tailored to mimic the appearance of a genuine login portal, complete with a header that reads “Welcome to Portal”. In an attempt to enhance the façade of authenticity, the recipient’s email address is pre-populated in the username field, making it seem as though the site is fully integrated with the user’s email system. To help the attacker evade detection and thwart takedown efforts, the phishing page is hosted using IPFS, which is a technology used for hosting files over a distributed file system. On the page, the user is simply asked to enter their email password, which will be harvested by the attacker.

After entering their password, the victim is shown an error message which reads, "The user name or password you entered isn't correct. This message is shown twice before the victim is redirected to a legitimate Microsoft page with the message “We’re unable to complete your request”.

Password expiry notification scams are relatively common, so if the email you’ve received doesn’t appear to be legitimate but it doesn’t match what we’ve shown above, you may want to check out the ones we’ve previously reported on in June 2022 and October 2021. MailGuard advises all recipients of this email to delete it immediately without clicking on any links.
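For mail filtering or triage, the traits reported here (the “Expiration Notice” subject followed by the recipient’s address, a link to an IPFS-hosted page, and the pre-populated username) can be checked together. The following is an added example, not MailGuard’s detection logic; it assumes the recipient’s address travels in the link’s query string or fragment, either plain or base64-encoded, which the report does not state, and every function name, host and address in it is constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote, urlsplit

URL_RE = re.compile(r"(?:https?|ipfs|ipns)://[^\s\"'<>]+", re.I)
B64_RE = re.compile(r"[A-Za-z0-9+/_-]{8,}={0,2}")

def is_ipfs_url(url):
    """ipfs:// links plus the path-style and subdomain-style HTTP gateway forms."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    return (parts.scheme.lower() in ("ipfs", "ipns")
            or parts.path.lower().startswith(("/ipfs/", "/ipns/"))
            or ".ipfs." in host or ".ipns." in host)

def carries_recipient(url, recipient):
    """Recipient address in the query or fragment, plain or base64 (assumed delivery)."""
    parts = urlsplit(url)
    tail = unquote(parts.query + "#" + parts.fragment)
    rcpt = recipient.lower()
    if rcpt in tail.lower():
        return True
    for token in B64_RE.findall(tail):
        # Normalise to URL-safe base64 and restore padding before decoding.
        token = token.rstrip("=").replace("+", "-").replace("/", "_")
        try:
            raw = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
        except (binascii.Error, ValueError):
            continue
        if rcpt in raw.decode("utf-8", "ignore").lower():
            return True
    return False

def triage(subject, body, recipient):
    """Return the set of indicators from the write-up that this message matches."""
    hits = set()
    if "expiration notice" in subject.lower() and recipient.lower() in subject.lower():
        hits.add("subject")
    for url in URL_RE.findall(body):
        if is_ipfs_url(url):
            hits.add("ipfs-link")
            if carries_recipient(url, recipient):
                hits.add("prefilled-recipient")
    return hits

# Constructed sample; the host, CID placeholder and address are not from the report.
SAMPLE = ("Your email expires today. Update: "
          "https://gateway.example/ipfs/CID-PLACEHOLDER/index.html#jane.doe@example.com")
print(sorted(triage("Expiration Notice jane.doe@example.com", SAMPLE, "jane.doe@example.com")))
```

An IPFS link on its own is not proof of phishing, so the indicators are best treated as a combined score rather than individual block rules.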