Cybercriminals are the worst. And we don't want them to win. Ever.
So when C Spire CISO Conrad Bell alerted our team of an nationwide uptick in phishing attempts that harvests Microsoft credentials, we knew we had to let you know.Here are a few tips from Conrad on how to spot an email phishing for your Microsoft login information:
Two tips for spotting phishing emails
- Don’t be fooled by what the email looks like. That includes any images, company names, and logos – as well as what the text says. All of these can be spoofed and can look very legitimate.
- If there's a link, always hover over it to find out where the email is taking you. If the URL doesn’t match the address of the company it claims to be from, it is very possible a phishing scam.
What to look for in emails
It’s very easy for a malicious actor to make text say one thing but the link point somewhere else.
These two links look the same, but the one on the left leads to the legitimate Microsoft Outlook site, while the one on the right leads, in this case, to Google. In a phishing email, the link would lead to a malicious site. Remember that the text in an email can be a completely different site than where the link leads.
Conrad warns that you should never click on a link that might not be legitimate. Instead, he says to contact you IT administrator or follow your company's phishing policies. Learn more about phishing attacks here.