This information is provided for the benefit of IT Services South Florida consumers and businesses of all types. If you are a user of Microsoft products, you may be deceived into thinking that the following email campaigns are legitimate requests for product renewal fees. The information provided should be read carefully in order to recognize these campaigns for what they are…scams.
Last week, Microsoft personnel discovered two new phishing campaigns targeting Microsoft 365 users. Both campaigns look like legitimate emails from Microsoft and both campaigns, when opened, attempt to steal the user’s personal information.
The “Subscription Expired” Campaign
In this campaign users receive an email stating that their Microsoft 365 subscription has expired and will be stopped if not renewed by a certain deadline. The email then provides instructions as to how to renew their subscription. The “Renew Now” link provided takes users directly to an actual PayPal page where they are asked to input payment details. While Microsoft does accept PayPal, they will not take you directly to a PayPal site when renewing a legitimate subscription.
The “Rebrand” Campaign
In this email campaign IT Services South Florida users are told that Office 365 has been renamed to “Microsoft 365”. Again, this campaign instructs users to renew their subscription by the impending due date. Clicking on the link provided takes you to www.office365family.com where the visitor lands on a site built on the Wix website platform. There is a data form there which asks for personal and financial information such as name, address, and credit card info. In the image below you can see how this site could fool those not paying close attention as it appears to be a legitimate Microsoft website.
Why Target Microsoft Users?
Microsoft 365 (formerly Office 365) reached 200 million subscribers back in October 2019. Since then, millions of employees have started working from home due to the coronavirus pandemic. As a result, Microsoft saw a 25% increase in income in the first quarter of 2020 alone. This is about numbers and with this many users there is a huge opportunity for the cybercriminals behind these attacks to make significant gains even if they only get a very small percentage of people to fall for the scheme.
How People Fall Victim
To increase the chances of success, a phishing campaign normally uses multiple tricks to fool users. This starts with a convincing looking email campaign. Phishing emails are built to:
- Look Legitimate – These emails look like an automated message from Microsoft. Appearing legitimate is often enough to convince recipients to follow the instructions in the message.
- Suggest Urgency – Those subscribed to Microsoft 365 generally depend on the software for professional use so it is not the type of thing that they can afford to be without. By making these campaigns appear as though the subscriptions are in danger of expiring and by threatening late fees, users are often scared into action before the face any such consequences.
- Convincing Webpage– The “Rebranding” campaign again goes to the office365family.com landing page. The page is designed to look similar to Microsoft’s own site. Upon close examination however the fonts don’t match and several links provided are inactive. These types of errors on Microsoft’s site are unusual.
- PayPal Link – The “Expired” campaign leads directly to an actual PayPal payment page which by itself convinces many recipients. However, the page provides no verification of what you’re paying for and the payment goes to an unknown individual, not Microsoft.
Cybercriminals are getting more creative with phishing campaigns. User Friendly Technology Services recommends your contacting your IT Director or IT Services South Florida Provider if there are ever any questions about unusual emails that appear to be from Microsoft or other seemingly legitimate sources. Be vigilant about examining any emails that are unexpected and try to refrain from clicking any links inside emails. Always verify the legitimacy of any site asking for personal information before providing your info.
Need Help With Your South Florida Business IT Needs?
If you’re looking for a flexible but reliable and reasonably priced team of IT experts to help your South Florida business navigate the complex world of technology, User Friendly Technology is here for you. With No Contracts, No Monthly Fees, Low Hourly Rates and Free Monitoring and Maintenance Services, User Friendly Technology is South Florida’s most trusted IT Services company for small business IT. Find out why hundreds of small businesses in South Florida have chosen User Friendly Technology Services to be their IT Services South Florida vendor.
Like us on Facebook
Follow us on Linked In
