Archive for phishing

Spam aimed at Office 365 Users

I had this email through this morning. For about a second, I almost believed it! I know that currently Microsoft are making a number of improvements to Office 365.


Of course, it began “Dear Enquiries” and of course Microsoft know my name. It purports to come from my own business domain. I can see the psychology here:
Let us imagine that a person called George works for Acne Services, and his email address is It would begin ‘Dear George’ and appear to be from “” and hence probably the IT department. If you are an Office 365 user you need to alert your staff or colleagues to this type of scam.

Note the bit about “trusted sender” as well. 🙂

I obviously didn’t try the link, but it doesn’t point to Microsoft; instead the link shown is this:
Although I have copied the link it is disabled. By the way ‘.ml’ is the top-level domain name for Mali. But don’t blame them; these baddies will hijack a domain or website often without the genuine owner knowing.

A ‘Phishing’ Letter

The other day the following arrived in my inbox; it was identified by Mailwasher as Spam – which it obviously was. What intrigued me is that unlike most ‘phishing’ emails, they didn’t claim to be from such and such a bank.

Dear Customer,

This e-mail was send by to notify you that we have temporanly prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else. Please run attached file and Follow instructions.



However, it did invite one to run the attached file and follow instructions. Needless to say, I deleted the file via Mailwasher and didn’t perform the action requested. Presumably, had I done so, my system would have become infected with some Trojan or other; or maybe my system would become part of a botnet and start sending out spam itself.

It is so obviously a con (note the spelling errors ‘temporanly’ and ‘beleive’ and the ‘Dear Customer’ salutation; genuine banks and stores would address you by name).
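
The tells in these two emails (a sender claiming to be on your own domain, a greeting built from the mailbox name or a generic ‘Dear Customer’, a link that doesn’t point to the claimed service, and an attachment you are asked to run) can be checked mechanically. The following Python is an added example, not part of the original posts; the allow-listed hosts, the greeting list, the attachment extensions and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions for this example: allow-list, generic greetings, risky extensions.
EXPECTED_HOSTS = ("microsoft.com", "office.com", "microsoftonline.com")
GENERIC_NAMES = {"customer", "user", "member", "client"}
RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".zip")

# Constructed sample modelled on the first email described in the post.
SAMPLE = """\
From: IT Support <support@business.example>
To: enquiries@business.example
Subject: Office 365 upgrade

Dear Enquiries,

Sign in at http://portal-upgrade.example/o365 to keep your mailbox.
"""

def phishing_tells(raw, expected_hosts=EXPECTED_HOSTS):
    """Return the warning signs from the post that are present in one message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    local, _, domain = parseaddr(msg.get("To", ""))[1].lower().partition("@")
    tells = []
    # Tell 1: the mail claims to come from the recipient's own domain.
    if domain and sender.endswith("@" + domain):
        tells.append("sender-claims-recipient-domain")
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")
    # Tell 2: greeting is the mailbox name ("Dear Enquiries") or a generic one.
    greeting = re.search(r"^Dear\s+([^,\n]+)", body, re.I | re.M)
    if greeting:
        name = greeting.group(1).strip().lower()
        if name == local:
            tells.append("greeting-is-mailbox-name")
        elif name in GENERIC_NAMES:
            tells.append("generic-greeting")
    # Tell 3: a link whose host is not the service the mail claims to be from.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = (urlparse(url).hostname or "").lower()
        if not any(host == h or host.endswith("." + h) for h in expected_hosts):
            tells.append("link-host:" + host)
    # Tell 4: an attachment the reader is asked to run.
    for part in msg.walk():
        fname = (part.get_filename() or "").lower()
        if fname.endswith(RISKY_EXT):
            tells.append("risky-attachment:" + fname)
    return tells

if __name__ == "__main__":
    print(phishing_tells(SAMPLE))
```

None of these checks proves a message is malicious on its own; they are the same cues a careful reader uses, and a legitimate internal email can trip the first one.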

Numbers Game.

It is safe to assume that most internet users don’t fall for this kind of thing, but a tiny percentage will do. And that tiny percentage must be enough to make things worthwhile for the spammers, because the stuff just keeps coming! It becomes a numbers game: it takes them little extra effort to send out 10,000 junk emails as opposed to 1,000. Someone somewhere must fall for these and produce a fraudulent return for this scum.

Test Yourself

SonicWall run a very nice ‘self-test’ on their website, to see how good you are at spotting the difference between legitimate and ‘phishing’

Tell your friends about it!