Your email didn't expire; it's just another sneaky scam

One particularly sneaky tactic involves impersonating a help desk or support team. You might receive an email claiming that your Microsoft 365 account is set to expire today. 

It's easy to see why people fall prey to these sorts of tactics, because scammers do a relatively good job of making these scam emails appear professional and legitimate. They go as far as to change the contact information of the email sender to something legitimate like an actual helpdesk or IT department or business.

Getting a "fake" email may seem relatively benign, but it can be a slippery slope to identity theft and fraud. Below are ways in which scammers take advantage of their victims with these phishing email scams:

1. Email validation: By opening the email or engaging with the email (clicking a link or responding to it), you can validate that the email account they messaged is active. Oftentimes, scammers randomly email people whose email address they've gotten from data breaches, the dark web or data harvesting.

2. Information gathering: If you reply to the email or use any other contact information they provide to "reinstate" your account, it will validate that the email address they reached out to is active, and they will likely hard-sell you for financial and personal information. If you call any phone number they provide you, they will also connect your phone number with your email address so they can continue to update their information on you.

3. Malware distribution: They will often have buttons, links or attachments included in the email. If you click the attachment, it can download malware or a virus to your device. If you click on a link that's provided in the email, it might take you to a website that will collect your personal and financial information or download malware or viruses to your device.

There are a few easy steps you can take if you receive an email you suspect is a phishing scam.

2. Do not reply or reach out to these scammers by email or phone: Engaging with them can confirm your email address is active, leading to more scams.

3. If your email client allows it, you can block the sender and report it as a phishing email: This action helps protect yourself and others by alerting your email provider to malicious activity.

4. Verify the email's legitimacy by checking the official website of the organization: Directly accessing your account ensures you receive accurate information without falling for fake notifications.

Phishing scams are becoming increasingly sophisticated, but staying informed and vigilant can significantly reduce your risk. By adopting good digital habits and following the tips we've shared, you can navigate the online world with confidence. Remember, awareness is your best defense, so keep sharing this knowledge with friends and family to help protect everyone from these deceptive tactics.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.