Scammers impersonate Microsoft to target Hotmail users with dodgy emails

Scammers are impersonating Microsoft in dodgy emails which tell recipients that they must update their Hotmail password.

Read on to learn more about how this scam works, and for advice on reporting dodgy emails.

Microsoft scam email

This email opens with: ‘Dear user, Your Microsoft Mail account will be replaced by our new version.’ It includes an imminent ‘closure’ date and tells you to ‘update and protect your account’ within 24 hours.

The scammers use Microsoft’s logo to add a sheen of authenticity, but there are some clear signs that this email is dodgy.

The sender name (mscafaru@hotmail.com) doesn’t look like a genuine Microsoft email address.

Most companies will address their customers by name, so emails opening with ‘Dear user’ or ‘Dear customer’ should arouse your suspicions.

The email gives you 24 hours to click a link to ensure you don’t lose access to your account. You should be suspicious of clickable links in unsolicited emails, especially if the message demands that you take imminent action.

The email is clumsily composed. It contains several different fonts, text sizes and colours, and doesn’t look as professional as you’d expect from a genuine Microsoft message.

How the scam works

If you click the link on this email, it will take you to a website where you’ll be asked to click another link to ‘verify your account.’

You’ll then be sent to another webpage that uses fake Hotmail branding and asks you to enter your email address and password. This page includes a ‘Weebly’ logo. Weebly is a hosting service that allows people to build their own websites for free. 

If you enter your details, you’ll be giving the scammers access to your emails.

Avoiding and reporting scam emails

If you receive an unexpected email from a brand, don’t click on any links. Instead, log in to your online account yourself to see if you have any genuine notifications.

If the sender’s email address looks suspicious, navigate to the brand’s website or use a search engine such as Google to check if the address is a genuine one.

You can forward suspicious emails to report@phishing.gov.uk. You can also report them to your email provider by selecting ‘Report Spam’ on Gmail, ‘Report phishing’ on Hotmail or by forwarding the email to abuse@yahoo.com on a Yahoo account.

source https://www.which.co.uk/news/article/scammers-impersonate-microsoft-to-target-hotmail-users-alXtu3u6ef81