How to Spot a Fake Email
The other day I received an email that said it was from Outlook.com stating that my email account had been blocked because of fraudulent activity. To unblock it all I had to do was click on the link and log into my account. This is a common scam that I see all the time and it can apply to anything - Outlook.com, Gmail, Yahoo!, Rogers, Sympatico, PayPal, eBay, etc.
I instantly saw this as a fake, but I had several clients fall for this type of email in the past and had their username and password stolen because of it. Usually the person doesn't even trace the cause back to the email, but instead thinks that their computer has been hacked because they can no longer access their email account.
Here is the email I received:
I've blanked out my personal email address for privacy reasons.
The Scam
When the link is clicked on you will be taken to a page that does look exactly like the Microsoft login page. When you login it appears the page reopens and you have to try to log in again, on the second try you do get into your email. Hooray, my email is unblocked!
What has happened is that the webpage you were taken to just captured your email address and password (you have just given someone your login information) and then they take you to the real Outlook.com login page where you are able to login successfully. Once the people who created this have a chance they will log into your email account and change your password so you can't login anymore. From here they can scan your email, look for other accounts you use, go there, request a new password (which get's emailed to the account you no longer have control of) and on and on it goes.
How to Spot a Fake
The first thing to look for is bad grammar or spelling. Looking at 1a you can see that the sentence isn't complete - "... but we'll need to get your account info to resolve the". Resolve the what? It's blank after that. Example 1b is a perfect example of poor grammar - "This message is to from Microsoft".
Example number two is the reason why I never click on a link in an email. Even though the link is all written out and looks like a real link the coding linked to that isn't what's written out. If you place your cursor over top of the link you will see at the bottom of the page where the link is really going. In this case it's really going to a website called palmettobahamas.com - this obviously isn't a Microsoft website.
What to do Next?
If you do get an email like this, don't click on any links. If you do have some suspicion that there is a problem with your account go there by typing in the address manually or from your shortcuts and login and see if everything is okay. This might even be a good time to change your password.
I will be posting something shortly about how to make your account even more secure using two-step verification, but in the meantime don't click on any link sent to your email!
UPDATE: Here is yet another email sent to me with almost the exact same formatting. This one has better grammar, but again the links do not go where they say they do and bring you to a page that looks just TD Canada Trust. The big tip off for me is that I don't deal with TD, almost everything is hyperlinked and that the email refers to me by my email address instead of my real name.
UPDATE: Here is yet another email sent to me with almost the exact same formatting. This one has better grammar, but again the links do not go where they say they do and bring you to a page that looks just TD Canada Trust. The big tip off for me is that I don't deal with TD, almost everything is hyperlinked and that the email refers to me by my email address instead of my real name.