16 Jul Security Update – One Note Phishing Emails
ALERT: Internet Criminals are sending phishing attacks where they try to trick you into listening to a fake “Audio Note”. They show you screen shots and attempt to scam you into clicking on links or even log into a fake Microsoft login page.
Phishing scammers are coming up with more innovative methods to convince their targets to provide login credentials. Such is the case with the OneNote Audio Note phishing campaign that occurred. Bleeping computer reported that: “This campaign comes in the form of an email with the subject “New Audio Note Received” and claims that you have received a new audio message from a contact in your address book. In order to listen to the message, though, you would have needed to click on a link to listen to it.
Of particular interest is that the phishing scammers commonly included footer notes stating the email was safe as it was scanned by a security software. In this case, the email stated it was “Scanned by McAfee Ultimate 2019 Antivirus Scanning Service for Microsoft”.
When you click on the “Listen to full message here” link, you would have been brought to a fake OneNote Online page hosted on Sharepoint.com. This page stated that “You have a new audio message” and then prompted you to click on a link to listen to it.
For Microsoft accounts and Outlook.com logins, it is important to remember that Microsoft login forms will just be on microsoft.com, live.com, microsoftonline.com, and outlook.com domains only. If you are presented with a Microsoft login form from any other URL, avoid it and only use your normal bookmarks to go to these sites.
If you would like to ensure your Cyber Defences are up to scratch why not book a free Cyber Security Assessment call us on 0114 361 0062 or Click Here >>