Conversation

Notices

1. Embed this notice
   Jonathan Kamens (jik@federate.social)'s status on Tuesday, 01-Oct-2024 01:15:57 JST Jonathan Kamens

   in reply to

   About that DKIM thing: what the heck has Microsoft done wrong to allow scammers to send email from the microsoft.com domain that passes DKIM? Holy cow, that's a huge problem. They need to figure out what's going on there and put a stop to it ASAP.
   Let's talk about the red flags...
   The To line doesn't contain the email address of the actual recipient.
   A properly formatted email would write "Order ID" rather than "Order Id".
   2/4

   • Embed this notice
     Jonathan Kamens (jik@federate.social)'s status on Tuesday, 01-Oct-2024 01:15:58 JST Jonathan Kamens

     This is an _incredibly_ convincing phishing email from #Microsoft. I have to give the people who sent it credit, this one is really good.
     The From line shows a Microsoft logo and microsoft.com domain. The message passes DKIM (HUGE problem!). All of the links in the email are real Microsoft links. The scam is designed to get people to call the "Sales Team Helpline" where the real fraud will take place.
     You can spot a few red flags if you look really carefully.
     1/4
     #phishing #infosec

     Blaise Pabón - controlpl4n3 repeated this.