I received the following email the other day and it’s one of the best examples of a phishing email I have seen. It’s clean, branded properly and I can certainly envision an unsuspecting recipient clicking the link and exposing themselves to theft and hacking.
Here’s what the email looked like when it arrived in my Inbox:
This particular phishing campaign is obviously targeting users of Microsoft OneDrive. With so many people now using Office 365 subscriptions, of which OneDrive is a part, this is a fertile target for hackers to go after.
When I opened the email this is what I saw:
The address looks like it should be legitimate and the branding is very good. I could easily see someone going ahead and clicking on the View File link, so let’s look a little more closely at this message.
What you can see inside the red circles is what gives this away as a fake. In the upper red circle, the actual “from” address is clearly not a Microsoft email address. You will never receive a message from a service like OneDrive where the display name says “Microsoft Office OneDrive Online Notification Message Center” and the actual email address is a person at a different domain name. The spacing between the words “Online” and “Notification” in the display name is also a hint that something is suspicious with this message.
Finally, the lower red circle shows that if you hover the mouse over the View File link without actually clicking, that the URL that the link goes to is not a OneDrive address. This is a clear warning sign that if you click the link you will be directed to a web site that may try to trick you into entering private information or worse, may silently install malware onto your device.
I hope sharing this example will help you avoid falling victim to any phishing attempt, not just this one. Stay Safe Online!