Be wary of some fake email confirmation notices doing the rounds this week. Although there are some classic spam hallmarks of a phishing email, there are some clever touches too. These are going out as mass email from a hacked mailbox on the stamps.com domain and they are using a script pull the company name from email domain name e.g. itbuilder.co.uk and stamp this in the sender name, prepending it to “IT Technical Support” to make it look like it comes from an IT department or service provider. Note the highlighted section on the image below. The email address in the message header should be suspicious enough, but unsuspecting staff may not be wise to this.
The link in the email, as usual, goes to a fake Office 365 login page so attempts to harvest more login credentials to access mailboxes with a view to committing fraud. This is why it is so essential to get 2-factor authentication enabled on your cloud email services.