A cleverly written phishing email looks like a request from Microsoft.
On the back of many fake Amazon emails comes another message not caught by a fully updated Outlook Junk Email filter on the ‘High’ setting. Instead of being safely parked in the Junk E-mail folder, Outlook leaves the message in your Inbox.
This one looks like a request to confirm your Windows Live ID – that’s the login needed for all Microsoft’s online services.
It’s been carefully prepared not just to fool the Outlook spam filter but also humans.
The message looks like a plain text message that is ‘safe’ – but it’s neither plain text nor safe.
There seems to be an ‘exposed’ web link that you can see. That link looks like a secure web page to an msn.com web site. But the message is actually an HTML formatted message with a different web link behind the text you can see – the tooltip reveals a totally different web site.
There’s a variation on the same message without the exposed web link and instead text that reads: ‘Please confirm your email by visiting the URL’.
Beware, delete the message and definitely don’t click on the link.
As usual you can create an Outlook rule to move the message, or just hit delete until the next Junk Email update from Microsoft which should trap this nuisance.
See Also
- ‘Summary of Payments’ infected ‘Excel’ email
- Fake emails missed by Outlook
- Fake HR emails with virus
- When Outlook doesn’t detect a spam message
- Outlook isn’t catching ‘CNN.com Daily Top 10’ phishing trap
- Is Microsoft filtering Office Watch email?
- Pressed meat named after junk email
