CSIT has received a report this evening of a new phishing scam. While this scam is not particularly well crafted, it does come during an especially busy time of year and, therefore, warrants some warning.
The instance of the scam which has been reported to us takes the form of an email message pretending to come from Microsoft and has the subject line “Important Message Regarding Your Account”. The body of the message makes the claim that your email is being queued and held back from delivery because you have failed to validate your email account, implying that validation is now a monthly requirement. Normal email delivery will be resumed, it goes on to claim, only after you have validated your account. The scam then offers an embedded link inviting your to click the link to release your held email. The target site is actually a screen image of the generic Microsoft Office 365 logon page with your email address appearing to have already been supplied.
There are a few “tells” in this scam. First, Microsoft is misspelled as “Microsotf”. Second the sender address is clearly outside either the NWU or the Microsoft domain. Third, the message fails to explain how it was delivered properly to your mailbox while all other email is supposedly being held pending validation of your account. Fourth, the embedded link, if you take the time to examine the target URL, points to a site with the domain name “tibetanhealth.org”. Last, the site to which the URL takes you displays a generic background image, even though your NWU email address appears to have been entered; if it were a legitimate logon page for NWU, the background image would have changed to an NWU specific image once your NWU address had been supplied.
Please, be especially careful handling your email during this busy period. Avoid rushing to respond to messages and instead take a moment to examine them closely. Should you have any doubts about the authenticity of a message, do not hesitate to consult CSIT. Thanks,