No spam/junk email filter is perfect but it’s hard to understand how some recent messages have been missed by Microsoft’s inhouse security systems. Here’s two peculiar examples to watch out for.
A prank email or a failed scam?
An email is sent out to many people that seems to have hidden CC list with this text in the CC line appears in the message header.
“You have successfully placed an order from the Apple Store using your PayPal account. If you encounter any issues with this transaction, please contact PayPal”
Which might be how it’s evading security checks.
It seems people are Reply All to that message so you can get a lot of replies adding to the original email.
Is this a mistaken email, a prank or a scam. If it’s a scam, it failed because the original message had no phishing or malicious links. All the message does is add to Inboxes.
Airline refund scam
Here’s a variation on a common scam email, trying to trick people into giving up their login passwords or credit card details.
What’s strange is that this scam has been circulating for a few months, yet it still manages to bypass Microsoft security checks, even though there’s at least two obvious clues that any automated system should detect.
It offers a cash gift from a company, in this case the Aussie airline Qantas. The email has the right look and the company really is 103 years old (104 on 16 November).
There are many red flags on this email that should make anyone suspicious.
- The From address is very wrong, starting with ‘yassin325 …’ and a .fr domain. Why would a very Australian brand use a French domain name?
- The strange amount 99.5 Aussie dollars?
- No dollar sign.
- Qantas offering a cash gift? That’s strange for any company but many Aussies know how hard it is to get money out of Qantas!
Always check the link
Before clicking any link in an email, always check by hovering the mouse pointer over the link to see the real web url you’ll be visiting.
In this email, the link is to a .br (Brazil) domain and there’s no mention of Qantas at all.
