What you need to know
- A Microsoft 365 Defender Threat Intelligence Team report breaks down a common gift card scam.
- The report shows that scammers are still using some of the oldest schemes to steal money.
- A specific campaign looked at by Microsoft accidentally didn't use the right organization name when claiming to send company emails.
Spam emails are a constant in the modern world. Whether it's a personal or work email address, most people are inundated with all sorts of scams and schemes. A new study (opens in new tab) from the Microsoft 365 Defender Threat Intelligence Team breaks down one of the more common schemes, business email compromise (BEC) attacks.
These types of attacks try to trick people into approving payments, transferring money, or in the case of a specific campaign looked at by Microsoft, purchasing gift cards.
These types of attacks center around tricking people who might not look at the recipient email address. A scammer will send an email pretending to be from someone's boss or someone in authority and then ask for funds in one way or another.
Frequently, scammers use typo-squatted domains, which are fake domains that look real at a glance. For example, a scammer may add a letter to a website domain, like microsofft.com.
These types of attacks are quite old, but they're presumably still in use because they're effective. Scammers wouldn't keep using the same tactics if they didn't work. The fact that Microsoft Defender for Office 365 detects and blocks these threats could also indicate that people need to be protected from them.
Microsoft's report isn't written to be comedic, but it does highlight a silly mistake made by a specific set of scammers. The campaign that Microsoft covers in its post didn't use the correct organization names when trying to trick people. It would be like if someone claimed to be your boss but said they worked for the wrong company.
Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at email@example.com (opens in new tab).
You just can't beat a good grift but MY GOD how are we still this dumb?!? 👀
A fool and their money... Scammers pray on the stupid. It's honestly hard to feel bad for individuals that fall for them most of the time. I still feel though that ransomware attacks need to be reclassified as terrorism. Kill anyone that takes down hospitals, or even governments.
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.