It can sometimes be difficult to determine whether an email is from a legitimate source. Cybercriminals have become skilled at making emails look like real notifications from Office 365 or other cloud services.
At first glance the message below looks as if it is from O365:
Over 90% of malware attacks are delivered via phishing emails. In the example above, cybercriminals leveraged a common phishing technique to create a display name that looks like it might be from Microsoft or another cloud service. The example above shows that the email originated from an “onmicrosoft.com” address.
An “onmicrosoft.com” email address is an email address and password that is used with Outlook, Hotmail, MS Office, OneDrive, or Xbox. However, real spam quarantine emails from Microsoft will be from “firstname.lastname@example.org”. Other phishing tactics can include using the number 0 instead of the letter o.
These scams show why it is important to always check the email address, not just the display name, when trying to determine whether an email is real before clicking on any links. Another way to evaluate a suspicious email is to check where the embedded links point. To do this, hover over the link with your mouse and you will see the address the link will open. A legitimate email from Microsoft will point to a link with a Microsoft domain.
If you are uncertain whether an email is nefarious, send an email to your company’s IT Department or iLLUM Advisors. When you email, send a copy of the suspicious email as an attachment. Attaching the original email is preferable to forwarding it, because an IT security professional can then look at the headers contained in the original email.
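The checks described above (sender address versus display name, where embedded links point, and the 0-for-o swap) can be run against an attached original message. The following is an added example, not code from ILLÜM Advisors; the trusted-domain list, the brand words and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains you accept as genuine Microsoft; adjust for your tenant.
TRUSTED = ("microsoft.com", "office.com")
BRANDS = ("microsoft", "office", "o365")  # assumption: brand words to watch for

# Constructed sample message, not a real email.
SAMPLE_EML = """\
From: "Office 365 Quarantine" <alerts@contoso-mail.onmicrosoft.com>
Subject: You have 3 messages in quarantine
Content-Type: text/html; charset="utf-8"

<html><body>
<a href="https://login.micr0soft-review.example/release">Review messages</a>
<a href="https://support.microsoft.com/help">Help</a>
</body></html>
"""

def in_trusted(host):
    """True only for a trusted domain itself or a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def zero_for_o(host):
    """True if swapping digit 0 for letter o reveals a brand word."""
    fixed = host.replace("0", "o")
    return any(b in fixed and b not in host for b in BRANDS)

def triage(raw_eml):
    msg = message_from_string(raw_eml, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    # Brand-like display name sent from a domain outside the trusted list.
    if any(b in display.lower() for b in BRANDS) and not in_trusted(domain):
        findings.append(f"display name {display!r} but sender domain is {domain}")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    # Report every link whose real target is outside the trusted list.
    for url in re.findall(r'href=["\']([^"\']+)["\']', text, flags=re.I):
        host = (urlparse(url).hostname or "").lower()
        if not in_trusted(host):
            hint = " (digit 0 in place of letter o)" if zero_for_o(host) else ""
            findings.append(f"link points to {host}{hint}")
    return findings

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE_EML)))
```

Note that `in_trusted` requires a dot before the trusted domain, so `contoso-mail.onmicrosoft.com` is not mistaken for a subdomain of `microsoft.com`.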
At ILLÜM Advisors we believe that IT should accelerate your business, not be a problem that slows it down.
This is why we deliver IT Security, IT Transformation, Project Management, Business Intelligence, and Leadership, leveraging and optimizing existing IT teams, for organizations who simply cannot afford to waste time and budget.