Phishing emails purportedly sent by Microsoft are targeting the company’s customers and trying to get them to reveal their login credentials and some personal information.
The given pretext is that they need to reactive their email account.
“In compliance with the email upgrade instructions from Microsoft Corporation and WWW email domain host, all unverified email accounts would be suspended for verification,” the email claims. “To avoid suspension of your email account and also to retain all email Contents, please perform one time automatic verification by completing the online verification form.”
“Please move this message to your inbox, if found in bulk folder. Please do this for all your email accounts,” the phishers added in the hope of gaining more than one set of email account credentials, then signed the email with “WWW. mail Support Team”, ” Microsoft Corporation”.
Recipients who follow the embedded link are presented with an online form that requires them to enter their email address, password, date of birth, and phone number.
“After supplying this information, users are automatically redirected away from the scam website. Meanwhile, the scammers can use the data that they have stolen to access the compromised email accounts and use them to launch further spam and scam campaigns,” explains Hoax-Slayer.
“Since the scam emails are sent via the hijacked accounts of victims, the emails cannot be traced back to the criminals responsible.”