Red Flags of Phishing Emails

When we talk to our clients and community about ways to protect your identity, we encourage everyone to be smart when it comes to using the internet. This especially includes email. Earlier this year, several of our clients received a phishing email that claimed to have been from Microsoft. We would like to reiterate the importance of paying attention to your email and only using it as a notification.

This is what the phishing email looked like, which was not in fact from Microsoft.

What Makes This Email Phishy? 

The “From” address, specifically the email’s domain, is very unofficial:

  • “Activation@Authenticate.micro-soft.net” is not a valid Microsoft email.
  • Any official Microsoft email would be from “@microsoft.com.”

Their are several punctuation and spelling errors:

  • Awful use of dashes (-), such as “Office-365,”  “unusual-activities,” and “human-verification.”
  • There’s a missing word in “doesn’t have access your account.”

The Authenticate button is an insecure site and very suspicious: http://vsdglobal.net/modules/blog/office/

There’s no branding. However, even when an email is branded, it can still be phishy.

Avoid Clever Phishing Emails

Some cyber criminals are really good graphic design. Anyone can Cut & Paste or even master Adobe. Take a look at this Verizon email:

When you receive emails for vendors you do business with, such as Verizon, your bank, Facebook, you should still be skeptical of its intention.

Review the sender’s email address. Hover over any links or buttons. Visit the vendor’s website without clicking anything. Any legitimate notification will be in your account once you log in, under messages or notifications. If you are still questioning the email, call your vendor.

Remember companies do not ask for your password in an email.

Large companies, including Microsoft, Verizon, Facebook, have policies that state that they will never ask you for your password through email. If you get a suspicious-looking email asking you for a password, go directly to the company’s site to look for a notification from them. Fake emails, at first glance, look like the real thing. However, there are usually signs to be aware of that may identify it as a fake. The from email, in this case, is extremely strange. Also there are several grammatical errors in the body of the email.

What Should You Do

While this may not directly affect you or your company, there’s no better time to be reminded of what cyber criminals are capable of if we aren’t mindful of our online activities.

If you receive a strange email from an individual – family, friend, or one of your vendors (i.e. Howard Tech Advisors) – do not reply. Instead email them directly from your own address book and ask about the email in question.

Phishing emails are just one way cyber criminals are trying to gain access to your important information and your identify. These criminals are also calling by phone and trying to get you to click on links on compromised websites, files, pop up ads, etc.

HOWARD TECH ADVISORS: YOUR PARTNER IN TECH

At Howard Tech Advisors, we manage your IT infrastructure so that you don’t have to. Whether you need assistance creating a disaster recovery plan or you’d like to outsource your IT needs, we can help! Keep up with our weekly blog to stay up-to-date on the latest tech trends, security information you need to know to stay safe online, and tips and tricks to effectively navigating an increasingly mobile world.

Don’t forget to check us out on FacebookTwitter, and LinkedIn too.

About The Author

Michelle Pelszynski

Michelle Pelszynski

Born and raised in Howard County, Michelle has a passion for writing and serving the community. She enjoys live music, traveling, running, practicing yoga, reading, and cooking with her family. She also has the pleasure of coaching a group of amazing young ladies in the Girls On the Run after school program.


This entry was posted on Wednesday, December 6th, 2017 at 9:30 am. Both comments and pings are currently closed.

Comments are closed.