How to Spot a Password Reset Email Scam

I’ve noticed an uptick in clients getting their secure email passwords hacked lately. I’ve had 5 clients report they reset their passwords with Microsoft only to find out weeks later their email account is sending out phishing email scams to every single contact they have. I’ve put together this guide in hopes that it will help you spot email & password fraud and prevent these annoyances and disasters from occurring in the future. 7 out of 10 times people get their passwords hacked due to fraudulent password reset emails.

Here’s how it happens:

You receive an email from what you think is Microsoft telling you to reset your password or verify your account.

Password Reset Email Scam

One of the easiest ways to spot an email phishing scam is in the headers that display information about the sender. I’ve received 3 emails in the last 48 hrs asking me to verify my account with Microsoft. Notice all 3 headers display different logos, subjects, and senders. Spammers use this technique to circumvent spam filters and unfortunately it works. Before we go any further let’s discuss a Fortune 500 company like Microsoft for a minute. Microsoft will never send you a password reset or ask you to verify your account unless you initiated the request by choosing to reset your password. If you didn’t request to reset your password, then it means someone else did or you’ve just received a password scam email.

Check The Sender’s Email Address

Notice in the photo below I’ve highlighted the sender of the email. At first it looks like the email is sent from Outlook Office 365 or Microsoft. Upon closer inspection we see that the actual sender is clare.putwain@si.liverpool.gov.uk. Hmmm… This tells us everything we need to know. Clare doesn’t work for Microsoft nor does she probably exist at all.

How to Spot a Scam…

Here is a video of what happens when you click the verify account link from the fake password reset email.

A Picture is Worth a Thousand Passwords…

If you are doing a legit password email reset or verification from Microsoft, you will be taken to a screen similar to this:

Actual Microsoft 365 2018 Login Page

Note that the URL, https://login.microsoftonline.com/, is from Microsoft and the copyright is updated to the current year (2018 in this case).

Check UR URLS!

When I click on the fake password reset link I’m taken to a sign-in page that looks ALMOST identical to the real 2017 Microsoft sign-in page. Can you tell the difference?

FAKE Microsoft Login Page

If you take away anything from this article it should be to always check your web URLs. A web URL is the address displayed in the top bar of your browser (Chrome, Safari, Firefox, or Microsoft Edge). URL is an acronym for Uniform Resource Locator and is a reference (an address) to a resource on the Internet. For example, the website URL for this article is: http://www.techoperative.com/how-to-spot-a-scam-password-reset-email-scam

When I click on “Verify” from the FAKE Microsoft Email Scam above I see the URL is https://echelonautosports.com/289/bzu87u69ytwc9c02zx748c0x.php?rand=13InboxLightaspxn.1774256418&fid.4.1252…………. instead of the real Microsoft Login URL, https://login.microsoftonline.com/, shown on the page below.

REAL Microsoft Login Page
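
The two manual checks above (sender address and link URL) can also be run automatically over a message. The following is an added example, not code from this article or from Microsoft; the trusted-domain sets, brand words, display name, subject, link paths and the example.net look-alike host are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumptions for this example: adjust both sets for your own organisation.
TRUSTED_LOGIN_HOSTS = {"login.microsoftonline.com"}   # host named in the article
TRUSTED_SENDER_DOMAINS = {"microsoft.com"}            # assumed sender domain
BRAND_WORDS = ("microsoft", "office 365", "outlook")

# Constructed sample message (sender address and first host are from the article;
# the display name, subject, paths and the example.net look-alike are made up).
SAMPLE = '''From: "Outlook Office 365" <clare.putwain@si.liverpool.gov.uk>
Subject: Verify your account

Verify here: https://echelonautosports.com/placeholder-path
Look-alike: https://login.microsoftonline.com.example.net/signin
Genuine: https://login.microsoftonline.com/
'''

def under(host, domains):
    """True if host equals a trusted domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def sender_findings(from_header):
    """Flag a brand-sounding display name on an unrelated address domain."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    if any(w in display.lower() for w in BRAND_WORDS) and not under(domain, TRUSTED_SENDER_DOMAINS):
        return [f"display name {display!r} but sender domain is {domain}"]
    return []

def link_findings(body):
    """Flag links whose parsed hostname is not exactly a trusted sign-in host."""
    findings = []
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = (urlsplit(url).hostname or "").lower()
        if host not in TRUSTED_LOGIN_HOSTS:  # exact match, never substring
            findings.append(f"link goes to {host}, not a trusted sign-in host")
    return findings

def check_message(raw):
    """Run both checks on a raw plain-text message and return all findings."""
    msg = message_from_string(raw)
    return sender_findings(msg.get("From", "")) + link_findings(msg.get_payload())

if __name__ == "__main__":
    for finding in check_message(SAMPLE):
        print("SUSPICIOUS:", finding)
```

The look-alike line shows why the host is compared exactly: a URL that merely contains the text login.microsoftonline.com still belongs to whoever owns the domain at the end of the hostname.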

Scam Phone Calls

This same tip goes for spam phone calls as well. Microsoft is damn near impossible to get a hold of over the phone unless you have a paid support plan. If someone calls you and says they work for Microsoft, Apple, or Google, immediately hang up the phone; it’s a scam. One thing tech giants like Microsoft or Google never do is call people. They’ve got literally 2/3rds of the planet calling them so they certainly don’t call customers randomly out of the blue and tell them they have a computer virus or a security problem. Those calls usually end in you giving them your credit card to fix a problem that was never there in the first place. Instead, you’ve given away your credit card number to a criminal who then sells it to the highest bidder or on the dark web.

What To Do If Your Password Was Compromised?

1st: DO NOT Panic!
2nd: Follow These Steps:
  1. Click and go to https://login.microsoftonline.com/
  2. Choose “Can’t access your account”
  3. Select the type of account you have (work/school or personal)
  4. Enter your email address and the captcha
  5. Check Your Email and Follow The Instructions to Reset Your Password

If you’re still having trouble contact Tech Operative Computer Services in Whitefish, Montana. We’ve got you covered!
Email #TechOperative at br@techoperative.com or Call Us: 406-370-4764
