Phishing: Your Document Has Been Completed

Phishing attacks through email happen all the time. A new relatively crude one arrived today. It’s easy for the trained eye to detect phishing, but do your Office 365 admins know how to use the tools available in Exchange Online Protection to suppress malware, and do your users know the signs of bad email? In this case, it’s an invitation to click to get to a PDF document to bring you to digitaloceanspaces.com. Some interesting things might happen afterwards, but I really don’t want to find out what occurs when I click the link.

Advertisements

Phishing: Office 365 Retrieve Pending Messages for Domain

Another day, another phishing attempt, this time trying to make unwary Office 365 administrators click on a link to “Retrieve Pending Messages” for their domain. I’m surprised this one got through!

Phishing: EFile Document Notification

A very exciting message arrived in my mailbox. So exciting that it was too good to be true. Some basic checks made me more suspicious and then Outlook’s Message Header Analyzer gave more evidence to think the message was bad.