More than 647 complaints of phishing of Office 365 accounts were registered last week. These phishing attacks can have serious consequences. When criminals gain access to passwords to cloud accounts, they can then change the passwords and take over the victim's accounts.
This phishing technique is done through emails that look very professional and authentic. In this case, you receive an email with a relatively unsuspecting domain, as it is very close to the original address. If you click on it, a login window for Office 365 appears on the spoofed website. The message that appears informs you that your account is blocked and invites you to reset your password.
The 2 options proposed are:
1. Click on "reset password".
If you click, you will then be asked to enter another contact email address (back-up). Of course, you will never receive a reset email. Fraudsters will use it to find out another email address you use.
2. Answer a personal question to prove that it is you:
In this case, this means providing the scammers with other personal information yourself, e.g. your mother's maiden name. The fraudsters can then make you believe that it did not work and ask you to do it again.
Once the fraudsters have all this information about you and add it to the information they find on social networks, they can use it against you to hack into other accounts and act in your name.
How to spot fake e-mails?
- Read the email carefully and look for spelling mistakes. The presence of mistakes often indicates that it is a scam.
- The language of the mail is also important: if you are French speaking, e-Box will never send you messages in Dutch and vice versa.
- Check the e-mail address of the sender.
- Check the target of the link WITHOUT clicking on it. Just move your mouse over the "Go to my-eID" button. At the bottom, you will see the url of the website you are directed to. In this url you have to check the "domain". The domain is what is just before '.be'. If this domain is 'belgium' (like here: https://mycitizenebox.belgium.be/myebox/?lang=fr), you will be directed to the real My e-Box website. If there is something else before .be, the domain is fake and you should not click. You will see that the link does not lead to your e-Box. Do not click and forward the message to email@example.com.
- The tone of the mail should also catch your attention. Here you are called "geachte relatie". An incorrect and impersonal way of addressing citizens.
Don't fall into the trap!
What to do?
- Do not click on a link in a suspicious message, do not open attachments and do not download applications if you are asked to.
- Suspicious emails can be forwarded to firstname.lastname@example.org.
- Suspicious text messages can also be forwarded. Take a screenshot and send it to email@example.com. The content is then processed automatically.
Did you click on a suspicious link?
- If you have clicked on the link, do not complete the fields and terminate any interaction.
- NEVER give out personal codes.
- If you have entered a password that you also use elsewhere, change it immediately.
Have you been scammed?
- If you have lost money or are being extorted, we recommend that you file a report with your local police straight away.
- Contact your bank and/or Card Stop on 078 170 170 (+32 78 170 170 from abroad) if you have passed on bank details, money is disappearing from your bank account or if you have transferred money to a scammer. In this way, any fraudulent transactions can be blocked.