Scammers...again.

[GTP]

Got this today, lol



Microsoft Office Support

Hi, enquiries,

Your account of enquiries@barcelonacomputers.com.au will be disconnected from sending or receiving mails from other users. because you failed to resolve errors on your mail. You need to resolve the errors or your account will be disconnected.
Follow the instruction below to resolve now.

Resolve Issue Now (link removed)

Sincerely,
barcelonacomputers.com.au Regards.
©Microsoft Security Team.


Good luck with that, seeing as how I don't have and have never had a "Microsoft Account"

 

[Bryce W]

I can see it working on a lot of people though.

 

[Porthos]

Resolve Issue Now (link removed)

If you still have that link, Could you message me with it?

 

[GTP]

I'm starting to get calls from clients already...
Hopefully my constant badgering about opening links in emails will make them stop and think?
I seriously doubt it though.

 

[overburnz]

I'm starting to get calls from clients already...
Hopefully my constant badgering about opening links in emails will make them stop and think?
I seriously doubt it though.

It won’t unfortunately people react before they think and then it’s to late...

 

[Markverhyden]

I've gotten several very credible looking ones in the last few months. But some efforts fall flat on their face and customer still inquire.

 

[myPCTechs]

There has been an avalanche of MS 365 phishing attempts in the past month. Some aren't so obvious. It's mostly a training issue, if people got into the habit of hovering over a link every single time and checking the destination URL before they click there wouldn't be a problem.

 

[britechguy]

. . . if people got into the habit of hovering over a link every single time and checking the destination URL before they click there wouldn't be a problem.

Indeed. Or just thinking about what it is that the scam claims. I've seen people get in a lather about just the sort of thing that @Barcelona started this topic with, and if I ask them, "Do you have an {insert specific account with specific entity here}?," they answer no. I then say, then why should this concern you as far as doing anything? [Then they get the lecture about hovering over links and looking at what shows up.]

What endlessly astounds me is the willingness of people to take action before engaging their thought processes even for a moment. They wouldn't likely act that fast if they got an anonymous phone call telling them their home is on fire, so why do it for messages like these?

 

[Markverhyden]

There has been an avalanche of MS 365 phishing attempts in the past month. Some aren't so obvious. It's mostly a training issue, if people got into the habit of hovering over a link every single time and checking the destination URL before they click there wouldn't be a problem.

Yes, but you can only do so much. Some black hats spend some serious time trying to disguise things as you can see below. The typical hurry up and click the link user would probably have just seen the first few words matched and clicked away.

 

[britechguy]

Yes, but you can only do so much. Some black hats spend some serious time trying to disguise things as you can see below. The typical hurry up and click the link user would probably have just seen the first few words matched and clicked away.

I agree with your assessment, but this is still a problem with end users not thinking before they click. Anyone who uses Amazon routinely would recognize that AWS is not a URL they use for this sort of thing.

But, that aside, this is the reason I try to teach all my clients that you NEVER click through on these sorts of links in these sorts of messages. If the message is legitimate, then logging in to the site that supposedly sent the message will get you the same information - straight from the proverbial horse's mouth. If you log in and there's nothing, nada, zip presented either as a pop-up warning or in your message inbox, then the email message is not legitimate and can be immediately deleted and ignored.