I found this email in my inbox last night:
I took a screenshot and deleted personal stuff so you could see what it looks like.
Firstly, how did I know this was a scam? Simple – I don’t use Microsoft OneDrive. I have NEVER used OneDrive.
Next, if you look at the email sender it says:
Not even a hint of Microsoft anywhere. ‘mail.onedrive’ is a domain that has nothing to do with Microsoft. [When you register a domain, no one else can use it. But there is nothing to stop someone from registering a domain that ‘hints’ at belonging to a well known company].
And finally, do you see the big, red ‘YOU’? I put that in to highlight the poor grammar used in the body of the email. You won’t always find poor grammar, but when you do, it’s a dead giveaway. Whoever set up this scam copied trademarked elements of the Microsoft brand and cobbled them together along with a few bits of their own.
So, what’s the point of this scam email?
The point is to get you to click any one of the links in the email. Those links will not take you to a genuine Microsoft web page. If the scammers are better than most, they will fake up a second page to soothe any lingering suspicions. Otherwise they may just give you some kind of error message. But while you’re staring at the message and wondering what to do, you could be downloading a virus or a worm or a trojan or a keylogger onto your computer.
Why is that bad? It’s bad because you could lose your privacy, your internet banking password, or find your computer is being used in a network to scam yet more people. And those are just three things off the top of my head.
Given how many people use Microsoft products, this scam could cause a hell of a lot of damage.
DO. NOT. CLICK. ANY. LINKS. IN. AN. EMAIL….especially this one.
Take care and stay well,