SecuMail-Blog

Phishing – Microsoft 365 hacked twice

The SecuMail team has noticed this interesting case of a phishing email, which we would like to show in detail below:

 

You’ve got mail!

At first glance, it is an e-mail from a “normal” sender. The sender address and also the named company can be verified without any problems. It is a hacked Microsoft 365 company account.

You will be asked to “click” to load a document.

 

Because you want to be “sure”, you hover your mouse over the field to be clicked, think “no problem, official site of Microsoft”, and click!

 

 

You will be taken to an HTML document that is actually on a Microsoft page and will be asked again to click a link to finally be able to read the document. Because you are sure that it is an official site of Microsoft, you click the link.

Important note: hovering over this link with the mouse is the first point at which you could see that it does NOT lead to another Microsoft page!

 

 

To make you feel even safer, a captcha appears. Here, too, you are asked to provide the “safety proof”. If you look at the address bar in the browser, you might notice that the captcha is no longer on a Microsoft page (see blue box in the address bar and red question mark). There is also a spelling error (we needs).

Still thinking you are safe, you confirm the captcha….

 

 

… and get to a page of “Microsoft” that is NOT from Microsoft! See blue box in address bar.

If you enter your data here to be able to log in to your “Microsoft” account, the hackers have access! Access to your data! They get into your account, so they can send more malware from your sender address or use your data in other ways!

 

We think the hackers really put a lot of effort into this case. You have to be attentive and look closely, which there is often no time for in stressful everyday life.

Therefore: be vigilant! Protect yourself!

As an admin, feel free to pass on our blog article to your employees.
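For admins, the address-bar check from the walkthrough above can be automated. The following is an added example, not SecuMail's own code: it labels each hop of a link chain and only treats a genuine sign-in host as a place for passwords. The domain lists and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: hosts where a genuine Microsoft sign-in form is served.
SIGN_IN_HOSTS = {"login.microsoftonline.com", "login.live.com"}
# Assumption: Microsoft-owned parent domains. Content below them can still be
# uploaded by any tenant, including a hacked one, so it is not proof of trust.
MICROSOFT_DOMAINS = ("microsoft.com", "office.com", "sharepoint.com",
                     "microsoftonline.com", "live.com")

def host_of(url):
    """Return the real lower-case host; text before '@' is user info, not the host."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def is_microsoft(host):
    """Match on a dot boundary so 'microsoft.com.evil.example' does not pass."""
    return any(host == d or host.endswith("." + d) for d in MICROSOFT_DOMAINS)

def review_chain(urls):
    """Label every hop; return (labels, index of first non-Microsoft hop or None)."""
    labels, first_exit = [], None
    for i, url in enumerate(urls):
        host = host_of(url)
        if host in SIGN_IN_HOSTS:
            labels.append("sign-in host")
        elif is_microsoft(host):
            labels.append("microsoft-hosted content")
        else:
            labels.append("NOT microsoft")
            if first_exit is None:
                first_exit = i
    return labels, first_exit

def safe_to_enter_password(url):
    """Only an https page on a genuine sign-in host should receive credentials."""
    return urlsplit(url).scheme == "https" and host_of(url) in SIGN_IN_HOSTS

# Constructed sample chain mirroring the steps above (not the URLs from the real mail).
CHAIN = [
    "https://contoso-my.sharepoint.com/personal/doc.html",    # link in the mail
    "https://captcha.phish.example/verify",                    # captcha page
    "https://login.microsoftonline.com.phish.example/login",   # fake login page
]

if __name__ == "__main__":
    labels, first_exit = review_chain(CHAIN)
    for url, label in zip(CHAIN, labels):
        print(f"{label:26}{url}")
    print("chain leaves Microsoft at hop", first_exit)
```

The first hop is labelled as Microsoft-hosted content rather than as trusted, which is exactly the gap this mail exploited.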

 

 

 
