There’s a fake Microsoft Office 365 account suspension warning circulating in email. The sender is attempting to steal user’s login credentials in order to try and take over the user’s email address and any other potentially connected accounts such as social media or online banking.
To make matters worse, if an attacker is able to gain login access to a compromised account, they can continue engaging in more malicious activity. Some of these actions can include the spread of additional malware, spam, or phishing emails. They can also target friends, partners and customers through contact lists and address books or scan an email box for other credentials and personal information.
If someone clicks on a link in the email, they’re often presented with a page that appears to be legitimate. Once a user enters their login info, the attackers collect it, and often redirect the user to a fake page that does nothing.
Fake “Microsoft” branded emails account for around 50% of all fake brand impersonation emails. Many others mimic Amazon, Apple, and Financial Institutions.
If you get a pop-up window, a phone call, email or another type of urgent message alleging there’s a problem with one of your accounts, a virus or etc., here’s some advice:
- do not click any links in the email
- do not call any phone number they provide
- do not send money or make a wire transfer
- do not pay with a gift card
- do not provide any bank account, credit card or personal information
- do not allow anyone to remotely access your computer
Always keep your security software and spam prevention tools and settings up to date. If you’re still unsure of a suspicious email, message or phone call, contact a computer or network technician you can trust.