Phishing Examples

How do we know this is a phishing message?

The first red flag is the address that you are asked to respond to an @outlook.com address from your personal email. Authentic internship offers will come from an email address that is not from a free provider such as Gmail, Outlook.com, Yahoo, etc. Asking you to respond from a personal email instead of a school email doesn't make sense. 

In addition, this offer seems too good to be true. If there is a promise of high pay for little to no work, it is too good to be true. 

How do we know this is a phishing message?

If you receive any unsolicited messages informing you of an order that has been placed, it is probably a phishing attempt. 

The first step is to check your credit card and bank accounts to ensure that no fraudulent charges have been made. If you see anything suspicious, call your bank to report the charges. 

Next, further examine the message. In this example, the address shown at the top is a gmail.com address. Any reputable online service will send the message from an email address at their own domain. We also see no information about what company is sending this message. A real order notification will include branding for the company that sent it. 

In this example, there aren't many details about what service or product we have supposedly been charged for. At the bottom of the message, we see a phone number to call. 

This scam counts on you calling that number to ask for the order to be canceled. During the call, the scammers will attempt to get information from you to steal your identity. 

How do we know this is a phishing message?

First, the from address at the top appears to be a real Microsoft address. In reality, the address is account-microsoft365.com. Microsoft would use microsoft.com or office.com.

Next, the MICROSOFT 365 ADMIN text is not how Microsoft would start a message. We would see the Microsoft or the Office logo. (Note that even a fake message could include these logos.)

The last paragraph is trying to scare you into requesting more storage space. According to this message, if you do not add additional storage, you will not receive any new email messages. 

The URL we are asked to visit appears to be real. microsoftonline.com is a domain that Microsoft uses for Office 365 services. However, if we hover over the link, we see that it takes us to a malicious website. This URL will most likely try to steal your Microsoft account credentials. 

How do we know this is a phishing message?

The from address at the top is shown to be an iup.edu address. However, this message came from an IUP account that was compromised. In this case, the from address is not enough to determine if it is a phishing message. 

The message asks you to go to a forms.gle link. This is a Google Forms link that will most likely ask you for your email credentials. 

The last paragraph states that failure to follow those instructions will result in deactivation of your email. Here the scammers are adding a sense of urgency, hoping that you will ignore the warning signs and click the link out of fear that you will lose access to your email account. 

How do we know this is a phishing message?

This message was addressed to an officer in a student organization, supposedly from the president of that organization. The president usually contacts the officer through IUP email addresses. This message was sent from a gmail.com address. 

If you receive a message like this, make sure that you recognize the address that it came from. 

The biggest red flag in this message is the “urgent request.” Regarding phishing, the more urgent the message, the more suspicious you must be. 

Also, notice that the message asks for a response via email instead of a phone call. Wouldn't a phone call be faster than an email? This was said to prevent the officer from calling the president via phone and ruining the scam.