How to Spot a Password Reset Email Scam
I’ve noticed an uptick in clients getting their secure email passwords hacked lately. I’ve had 5 clients report that they reset their passwords with Microsoft, only to find out weeks later that their email account was sending phishing emails to every single contact they have. I’ve put together this guide in the hope that it will help you spot email & password fraud and prevent these annoyances and disasters from occurring in the future. 7 out of 10 times, people get their passwords hacked due to fraudulent password reset emails.
Here’s how it happens:
You receive an email from what you think is Microsoft telling you to reset your password or verify your account.
One of the easiest ways to spot an email phishing scam is in the headers that display information about the sender. I’ve received 3 emails in the last 48 hrs asking me to verify my account with Microsoft. Notice that all 3 headers display different logos, subjects, and senders. Spammers use this technique to circumvent spam filters, and unfortunately it works. Before we go any further, let’s discuss a Fortune 500 company like Microsoft for a minute. Microsoft will never send you a password reset or ask you to verify your account unless you initiated the request by choosing to reset your password. If you didn’t request to reset your password, then it means someone else did or you’ve just received a password scam email.
Check the Sender’s Email Address
Notice in the photo below I’ve highlighted the sender of the email. At first it looks like the email was sent from Outlook Office 365 or Microsoft. Upon closer inspection we see that the actual sender is firstname.lastname@example.org. Hmmm… This tells us everything we need to know. Clare doesn’t work for Microsoft, nor does she probably exist at all.
How to Spot a Scam…
Here is a video of what happens when you click the verify account link from the fake password reset email.
A Picture is Worth a Thousand Passwords…
If you are doing a legit password email reset or verification from Microsoft, you will be taken to a screen similar to this:
Note the URL: https://login.microsoftonline.com/ is from Microsoft, and the copyright notice shows the current year (2018 in this case).
Check UR URLS!
When I click on the fake password reset link, I’m taken to a sign-in page that looks ALMOST identical to the real 2017 Microsoft sign-in page. Can you tell the difference?
If you take away anything from this article, it should be to always check your web URLs. A web URL is the website address displayed in the top bar of your browser (Chrome, Safari, Firefox, or Microsoft Edge). URL is an acronym for Uniform Resource Locator and is a reference (an address) to a resource on the Internet. For example, the website URL for this article is: http://www.techoperative.com/how-to-spot-a-scam-password-reset-email-scam. When I click on “Verify” from the FAKE Microsoft email scam above, I see the URL is https://echelonautosports.com/289/bzu87u69ytwc9c02zx748c0x.php?rand=13InboxLightaspxn.1774256418&fid.4.1252…………. instead of the real Microsoft login URL, https://login.microsoftonline.com/, shown below.
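The same check can be done in code, for example when triaging links pulled from reported emails. The Python below is an added example, not part of the original article: the allowlist contains only the sign-in host named above (an assumption), and the sample links are constructed with reserved .example domains.

```python
from urllib.parse import urlsplit

# Assumption: only the sign-in host named in this article is trusted.
TRUSTED_LOGIN_HOSTS = {"login.microsoftonline.com"}


def check_login_url(url):
    """Return (trusted, reason) for a link that claims to be a Microsoft sign-in page."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
        has_userinfo = parts.username is not None
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not an https link"
    if not host:
        return False, "no hostname"
    if has_userinfo:
        # https://trusted-name@other-host/ : the browser goes to other-host
        return False, "text before '@' is not the host; real host is " + host
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalized hostname, possible lookalike: " + host
    if host not in TRUSTED_LOGIN_HOSTS:
        # Exact match only: a trusted name used as a prefix or in the path does not count
        return False, "host is " + host
    return True, "host is " + host


def suspicious_links(urls):
    """Return the links from a message that fail the check, with the reason."""
    return [(u, reason) for u in urls for ok, reason in [check_login_url(u)] if not ok]


# Constructed sample links (reserved .example domains), not taken from a real message.
SAMPLE_LINKS = [
    "https://login.microsoftonline.com/",
    "https://login.microsoftonline.com.verify-account.example/289/signin.php?rand=13",
    "https://login.microsoftonline.com@phish.example/common/login",
    "http://login.microsoftonline.com/",
    "https://phish.example/login.microsoftonline.com/",
]

if __name__ == "__main__":
    for link, why in suspicious_links(SAMPLE_LINKS):
        print("SUSPICIOUS:", link, "->", why)
```

Only the first sample link passes; the other four put the trusted name somewhere other than the actual host, or drop https.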
Scam Phone Calls
This same tip goes for spam phone calls as well. Microsoft is damn near impossible to get a hold of over the phone unless you have a paid support plan. If someone calls you and says they work for Microsoft, Apple, or Google, immediately hang up the phone: it’s a scam. One thing tech giants like Microsoft or Google never do is call people. They’ve got literally 2/3rds of the planet calling them, so they certainly don’t call customers randomly out of the blue and tell them they have a computer virus or a security problem. Those calls usually end in you giving them your credit card to fix a problem that was never there in the first place. Instead, you’ve given away your credit card number to a criminal who then sells it to the highest bidder on the dark web.
What To Do If Your Password Was Compromised?
2nd: Follow These Steps:
1. Click and go to https://login.microsoftonline.com/
2. Choose “Can’t access your account”
3. Select the type of account you have (work/school or personal)
4. Enter your email address and the captcha
5. Check Your Email and Follow The Instructions to Reset Your Password