Scam of the Week – OneDrive users hit with sneaky phishing scam
Windows 10 users are being warned to avoid a phishing scam that attempts to trick them into handing over their usernames and passwords.
The scam is targeting users of Microsoft’s OneDrive cloud hosting service. OneDrive is integrated into Windows 10 and offers up to 5GB of free storage for documents, photos and other files in the cloud.
As traditional phishing scams become easier to spot, fraudsters are trying out new methods to evade detection and slip under the radar.
In this latest scam, victims have reported receiving an email that claims to be an alert from their email server. It uses the subject line 'Encrypted Message Received' and prompts the user to log in to read the encrypted message.
Image: Phishing message (source: Bleeping Computer)
When the user clicks the 'View Encrypted Email' link, they are brought to a fake OneDrive Business page that prompts them to click an ‘Open’ button to view the message. They are then directed to another page that asks them to log in with their ‘professional email login’.
As soon as a OneDrive username and password are entered into the fake site, the attackers have all the data they need. They can then access the user's account or attempt to break into other accounts using the same stolen details.
Image: OneDrive phishing website
To the untrained eye, the page may appear entirely legitimate; however, a major red flag is the URL for the alleged OneDrive login page. As can be seen from the image above, the URL is not an official Microsoft address. At this stage, alarm bells should be ringing and the user should immediately leave the site and avoid entering any further information.
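The URL check described above can be automated, for example in a mail filter or a training tool. The following is an added example, not part of the original article: the list of trusted domains is an illustrative assumption, and the sample URLs are constructed for the demonstration.

```python
from urllib.parse import urlsplit

# Assumption: illustrative allowlist of Microsoft sign-in domains; maintain your own.
TRUSTED_DOMAINS = ("microsoft.com", "microsoftonline.com", "live.com")


def check_login_url(url):
    """Return (ok, reason) for a link claiming to be a Microsoft/OneDrive login."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not https"
    if not host:
        return False, "no host"
    # "https://trusted-name@other-host/" really goes to other-host.
    if parts.username is not None:
        return False, "userinfo before '@' hides the real host"
    # Non-ASCII or punycode labels can imitate Latin letters.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalised host (possible lookalike)"
    # Match whole labels at the END of the host, never a substring or prefix.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return True, "host is within " + domain
    return False, "host is not a Microsoft domain"


# Constructed sample links; the .example hosts are placeholders.
SAMPLES = [
    "https://login.microsoftonline.com/common/oauth2/authorize",
    "https://onedrive.live.com.files-view.example/login",
    "https://login.microsoftonline.com@files-view.example/",
    "https://notmicrosoft.com/signin",
    "http://login.live.com/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        ok, reason = check_login_url(sample)
        print(("OK     " if ok else "REJECT ") + sample + "  (" + reason + ")")
```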
If you are in the unfortunate position of having entered your personal information, Microsoft have provided advice on what steps you should take next:
Uninstall applications that scammers have asked you to install
If you have given scammers access, consider resetting your device
Run a full scan with Windows Security to remove any malware
Apply all security updates as soon as they are available. To see available updates, select the Start button, then select Settings > Update & Security > Windows Update
Change your passwords
Call your credit card provider to contest the charges if you have already paid
Monitor logon activity. Use Windows Defender Firewall to block traffic to services that you would not normally access
To protect yourself from falling victim to these types of online scams, never click on suspicious links or download attachments from unknown sources. Other signs to look out for include: a generic greeting, poor grammar, a mismatched URL, threatening or urgent language, claims of prizes or a request for personal information.
If you’re looking to start a phishing awareness campaign or would like more information on how to protect yourself online, get in touch to find out how we can help.