Be wary of disguised Microsoft OneNote Audio phishing emails

Online scammers are trying to create more sophisticated and unpredictable methods to convince victims to provide them with login information and other valuable personal data. The case below is a typical example.

This new phishing campaign involves OneNote Audio Note, which has just been deployed worldwide and has begun to "welcome" the first victims. Specifically, this phishing campaign appears as an email to the target with the subject "New Audio Note Received" (roughly translated: You have received a new audio note), with the content announcing that you received a new audio message, sent from a contact in the address book. However, to listen to the message content, you will have to click on the link that is available below - that's the malicious link.

1. Facebook's Libra electronic currency has not yet set a launch date but scam tricks are ready

Phishing email content

There is a noticeable feature: fraudulent scammers now often add footer notes that indicate this email is absolutely safe because it has been scanned by security software. For example, in this case, the hacker said that the email was "Scanned by McAfee Ultimate 2019 exclusive antivirus service for Microsoft" (Scanned by McAfee Ultimate 2019 Antivirus Scanning Service for Microsoft).

Also, this note will make the email more 'professional', easily fooling inexperienced people.

When you click on the "Listen to full message here" link (in case the device is connected to the internet), you will immediately be directed to the fake OneNote Online page, hosted on Sharepoint.com server. This page again reports that you have a new audio message (You have a new audio message), and then prompts you to click on another link to hear the message.

1. The winning scam from Google: 'The cat game' for the vigilant, 'tragic' for those who are light-hearted

OneNote fake online page

When clicking on the link to listen to Audio Note, you will continue to be taken to another Sharepoint.com hosting site (currently disabled). Now is the time when this phishing trick is actually 'visible', you will be prompted to sign in with your Microsoft account to listen to the message. And of course if you follow, all your Microsoft account login information will fall into the hands of hackers.

This fake page may look similar to the image below, often used by various phishing scams, accurately simulating the interface of Microsoft services login pages like OneNote, Office 365 and Outlook. If you don't pay close attention, you'll be fooled and assume that this is Microsoft's "genuine" login page.

1. New Android Trojans lead users to phishing websites by notification on the application

The fake Microsoft account login page

The phishing pages mentioned above are stored on Sharepoint.com server, so they will also come with a legitimate certificate from Microsoft. This detail helps them become more reliable in the victim's eyes.

Microsoft fake certificate

In general, this form of fraud has been more sophisticated, but is not new in nature. Even so, it will still be dangerous for ordinary users who don't have much knowledge about security.

1. Warning: Accessing the personal page of a comment about a scam can be robbed of a Facebook nick

For Microsoft accounts and Outlook.com login information, there is an important thing to remember: Microsoft login forms will only be available on legitimate domains like microsoft.com, live.com. , microsoftonline.com and outlook.com. If you are provided with a Microsoft login form but originating from any other URL, it is best to avoid it because it is more likely to be a phishing site, designed to collect victim login information. multiply.