Hackers masquerade as Microsoft to steal personal information -
New fraudulent emails taking the appearance of Microsoft teams are currently in circulation.
These report a fraudulent attempt to request account recovery.
To prevent their account from being hacked, targets are invited to click on a link, in order to cancel the recovery request.
Unfortunately, this is a fake email that could allow the authors of this phishing campaign to recover your Microsoft credentials.
We do not necessarily realize it, but Microsoft identifiers are a gold mine for malicious people.
A Microsoft account isn't just our mailbox, it's also your Xbox, Windows, Word, etc. account.
In other words, by recovering our Microsoft identifiers, hackers can have access to many services of the Redmond firm and, why not, take out new subscriptions without your knowledge.
The work of a pro
In this case, the phishing campaign is relatively well done and that is the whole problem.
There are a lot of people who could get screwed.
However, there are some things that should spark your ears.
First, the name of the sender: Mail Info.
Although it is associated with the Microsoft logo, the sender does not have the correct name, namely "Microsoft Accounts Team".
Hackers masquerade as Microsoft to steal personal information - geeko
The sender's e-mail address also does not match that of Microsoft, which, as it indicates on its website, only addresses that include “@ accountprotection.microsoft.com” are reliable.
In this case, the sending address ended with “@ live.fr”.
The sender had all the same taken care to add a false Microsoft address in the recipient tab (“firstname.lastname@example.org”) to deceive, but again, the address was not correct .
The subject line of the e-mail should also alert you: “AW // EMAIL // - // ALERTE-CONNEXION- SRX15494ID - SUSPECTE”, far too alarmist to be genuine.
Discreet but numerous clues
When we look at the body of the text, we also find other clues to the fraudulent origin of the email.
We thus note some concerns of punctuation, spaces which are missing or which are in excess.
Finally, in the majority of emails actually coming from Microsoft, the body of the text will be spaced out, which is not the case here.
Being extra careful when you receive an alarmist email and taking a few moments to analyze the email will often allow you to avoid unpleasant surprises.
Phishing: Five Tips to Avoid Getting Trapped
Several French entities affected by a cyberattack from 2017 to 2020