"Phishing" - When You Receive What Appears To Be A Legitimate Email - But Its Not...
Take a good look at the email in the photo above. It can appear to come from Microsoft or ANY company such as Apple, Google, Xfinity, you name it theres a scam for it.
I wish it was more obvious to my customers that continue to get victimized by these scams, but its not addressed to the person it was sent to, it didn't come from a recognizable email address. To a trained eye, everything is wrong with this email.
To an untrained eye, it looks legitimate, and within a few minutes you have given up your password for your email, and a little while later after they sign into your account, they spam your address list pretending to be your poor Aunt who needs something purchased from Amazon please.
This is called a PHISHING scam. They are trying to "fish" or get you to voluntarily give up your password, by clicking the link in the email which asks you to "verify" your account credentials. I won't bore you with why its spelled with a "PH" instead of an "F". Google it.
This is how they try and get you. What a bunch of scumbags. No shortage of these scammers online, these scams, in addition to junk mail, are becoming a HUGE problem for whatever email system you use. Outlook.com, Gmail, Yahoo, Apple. No one is immune.
They miraculously bypass your junk mail filter, even though it is so obviously junk mail that it makes you question the technology they use to decide what is and is not junk.
When in doubt toss it out. Legitimate companies will almost NEVER ask you to VERIFY your password in an email message.
how can you protect yourself from yourself?
All online accounts have a higher level of protection for your account. The reason they don't enable it by default is because most people are already driven so crazy by all their passwords and accounts they don't want to introduce complexity right off the bat.
The protection I am referring to is called TWO FACTOR AUTHENTICATION.
When this protection is enabled, even if an attacker has your password, they will still be challenged to provide a CODE sent to a secondary source such as a second email address or a text message to a cell phone in order to sign into your account.
Not long ago all you needed was a cell phone # to text or a regular phone to call for the code
However, it is now increasingly becoming a pain in the ass to get the codes because some companies like Comcast are requiring you to have a second email address with a separate company.
Some online companies have also given up the practice of sending a code to a regular voice telephone. This is just flat out elderly abuse if you ask me, but I have strong opinions about technology, so pardon the hyperbole.
It is just unreasonable for the many technically challenged customers that I mostly deal with, to not only be able to deal with text messaging and smart phones, but also the creation of a SECOND email address, just to get codes sent too.
It is a sad state of affairs. Sometimes I feel like these tech companies are just waiting for some folks to die off. Terrible policies.
if you wish to enable two factor authentication you can setup an appointment with me or call the company yourself.
Its just too much to put into an article, I guess I'm lazy. Bye for now.