The Hotmail Attack
I‘ve come across two or three of these email attacks recently. It’s a tried & tested format for a scammer but with a slight tweak to the process. There’s a simple procedure to protect yourself from these attacks, one that you’ve heard me go on and on about, but I’ll come to that later.
When I receive a call regarding this, the user always believes that their device has been compromised, but it never is, its a simple case of an attacker targeting well known services, Microsoft & Yahoo seem to be the most common, with accounts less than protected with poor passwords. Everything is done from the email website portal.
The purpose of these attacks are to target your contact list to send an email with a plea for help, financial of course. And although many of us have seen these type of email scams, to the unwary and untrained eye they can seem genuine, I’ve certainly come across users who have parted ways with their money never to be seen again.
Then, as we’ve seen in the past, they would use the forward email option, ticking the box to not save a copy. This way when they send their request for help any reply is forwarded to the newly created address, you’ll never see that reply, and in turn they can reply in an attempt to create a conversation as if it were you, gaining trust that you are in need of funds and therefore completing the perfect scam.
The slight change we’ve seen with these Microsoft (Hotmail, Live, Outlook) accounts is the use of a rule rather than the forwarding option. A new folder is created with either . or “ as the title, its not very obvious to see in your folder list, then any new emails are forwarded to the spoof address and moved to the newly created folder.
It’s a really traumatic experience for the clients I’ve helped and a violation of their email.
So how do you protect yourself from this happening? It’s simple, 2FA (two factor authentication). Every Microsoft account should have this turned on by default, but they don’t enforce it so its up to you to protect your account.
As always we can help protect your accounts, contact us today.