Please be aware that Office 365 users are being targeted in a convincing phishing attack. An email stating to be from Office 365 is being sent to end users asking for verification of credentials and noting that a request has been made to de-activate their account. While the email can look realistic, there are some major red flags to look out for.
- Sender’s Address – The ‘from’ address is not from a Microsoft Office 365 Domain.
- Alert emails from Office 365 will specify what they’re about in the subject line (like “Your Credit Card is About to Expire” or “A request to de-activate your account was made”) rather than just saying “Check Status”.
- This is meant to scare you into clicking and logging in to the fake sign in screen before having a chance to think about it too much.