Watch Out for Fake Microsoft Forms
September 23rd, Tip of the Week |
Cybercriminals are using Microsoft Forms, a tool you’re likely very familiar with, to trick you into giving them your Microsoft 365, Adobe, and/or university login information. Microsoft Forms allows you to create surveys, quizzes, and other documents. Unfortunately, cybercriminals are using this tool to create forms that contain malicious links. These fake forms can easily fool you into thinking they’re official Microsoft documents because they have convincing titles and even use Microsoft icons when viewed in a web browser.
In this scam, you receive an email instructing you to urgently change your password, read messages, or look at sensitive work documents. The email directs you to the form, prompting you to click a link. However, the link is malicious, and if you click it, you will be directed to a fake Microsoft 365 or Adobe login page. This page will prompt you to enter your sign-in details, such as your email address and password. If you enter your login credentials here, cybercriminals can steal them!
Source: KnowBe4 Scam of the week
Fake Microsoft Email Alerts
September 16th, Tip of the Week |
Be cautious of fake security alerts that appear to be from Microsoft prompting you to follow a link and log in with your work credentials. These phishing attempts often appear as urgent security notifications, claiming unusual sign-in activity or account issues. Always verify the sender’s email address and look for signs of phishing, such as poor grammar or suspicious links.
Before entering any credentials, check the URL to ensure it matches the official Microsoft site. If you receive a suspicious alert, do not click any links; instead, report it to the ITS Security Awareness Team by clicking the Phish Alert Button (PAB) in your W&L Outlook email client.
Beware of Fake Tech Support in Google Search Results
September 9th, Tip of the Week |
Cybercriminals are using deceptive tactics to place fraudulent tech support phone numbers in Google search results. When you search for help with services like banking, software, or tech support, scammers may manipulate results to display fake customer service numbers. If you call these numbers, you risk giving sensitive information directly to cybercriminals, who may pose as legitimate representatives.
To protect yourself:
1. Never trust a phone number just because it appears in search results.
2. Always verify contact information by going directly to the official website of the company or service.
3. Avoid sharing personal or financial information over the phone unless you are certain of the legitimacy of the call.
Celebrity AI Phishing Scams are on the Rise
September 3rd, Tip of the Week |
Cybercriminals are increasingly using AI to create convincing fake videos and messages featuring celebrities. These scams often involve endorsements for investments, giveaways, or charitable donations. Here’s how to protect yourself:
1. Verify Authenticity: Always check for the verified blue checkmark on social media profiles to ensure you are interacting with the real celebrity.
2. Be Skeptical: If an offer seems too good to be true, it probably is. Celebrities rarely give away money or ask for donations via social media.
3. Avoid Clicking Links: Don’t click on links or scan QR codes from unsolicited messages or posts.
4. Use Trusted Sources: Only use official websites and channels for financial transactions and donations.
