I think everyone receives phishing emails from time to time, and they’re usually fairly easy to spot. For example, when you get a letter from Company X that says you need to log into your Company X account, you can pretty much dismiss it when you have never used Company X’s services.
It becomes a bit harder, however, when you do actually use Company X’s services. In those cases, how can you be sure the email is legitimate?
I look for the single biggest giveaway: the links in the email. Hover over them and see where they lead. If they lead to anywhere but the domain of the company claiming to send you the email, then red flags should go up in your mind.
Today, I got an email from the “Microsoft account team” entitled, “Important Email Security Alert”. Here is is, minus some information:
Unusual sign-in activity
We detected something unusual about a recent sign-in to the Microsoft account XXXXXXXX@hotmail.com ( E-mail Hidden for security reasons).
To help keep you safe, we required an extra security challenge.,
IP address: 220.127.116.11
Date: 05/26/2015 5:43 PM(GMT)
If this was you, then you can safely ignore this email.
If you’re not sure this was you, a malicious user might have your password. Please review your recent activity and we’ll help you take corrective action.
Microsoft account team
I received the email at my Hotmail account, which is owned by Microsoft, so I couldn’t immediately dismiss it. But the link for “Review Account” pointed to a shortened URL using the Tinyurl service, which should never happen if the email were actually from Microsoft.
Furthermore, the address of the sender was email@example.com, which is also a big red flag.
And one more thing. I don’t think that any legitimate corporation would fail to capitalize the letters in its name. So “Microsoft account team” should really be “Microsoft Account Team”, as generic that even that is. It’s a minor detail, but it’s the kind of thing that your typical phishing group could easily overlook. I simply don’t envision phishers to be experts at grammar and punctuation.
The moral of the story is to be careful whenever you get emails claiming to be from companies whose services you use. Just to be on the safe side, I tend not to click on any links to emails that are sent to me unless I am expecting to receive them.