Fake Email from Microsoft Asks for Billing Address Confirmation

Status
Not open for further replies.

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
A phishing campaign aims at harvesting financial information from gullible recipients believing the email to be genuine and that it comes from Microsoft.

The messages are clearly directed at users that purchased at least one Microsoft product and they are delivered in HTML format, which may make it appear legitimate as images are also supported.

The subject is simple and announces the recipient that they need to confirm the billing address by June 30. This line has been employed in phishing scams targeting users of various services and should be ring the alarm bells straight away.
Return email address reveals the scam

MillerSmiles caught a sample of the email and marked it with a medium-high risk, meaning that the potential number of victims it can make is quite elevated.

Although the sender appears to be Microsoft, the return email is official@ail.com, and the website address the potential victim is instructed to access in order to comply with the request has nothing to do with the software giant.

According to MillerSmiles, the server hosting the website is located in Dallas, Texas, which could indicate that the scammers are from the US. However, they are using the services of a web host company called Avantec, so they could be anywhere in the world.
Guard your payment card details

The purpose of the email is clearly collecting sufficient data about the payment card for making fraudulent online purchases in the name of the victim.

Users should always steer away from web pages asking to reveal card information such as number, CVV (card verification value - the three numbers usually available on the back of the card) and the expiration date.

These details are sufficient for buying products online. Although a delivery address is needed, cybercriminals are organized and provide locations that cannot be associated with them. The products are then sold for a fraction of their original price.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top