Now and then, scammers try to find out new and unique ways to get hold of the personal as well as financial information of people from across the globe. Nowadays, they have started to take advantage of the current situation which is dwelling in people about the coronavirus pandemic. Scammers now have started to send phishing emails specifically to the Microsoft OneDrive users. Pretending to be from an actual government organization, they try to steal OneDrive information from the users.
Not only this, but they also fake their identity and pretend to be from consulting or charitable organizations. They try to steal information such as OneDrive usernames, passwords, etc. thus, to educate users about this new kind of scam, I have created this post so that they can take preventive measures in advance.
Some recent examples of OneDrive phishing
Read Also >> How to block Online pharmacy Cialis spam?
- Recently, a scam was reported in documents containing a questionnaire regarding coronavirus. This document is unrequested and when a user allows permission to this email, they are taken to a page. On this page, there is a notification under which an ‘Open’ button is present. After this, he is asked to enter some information. Upon the completion of all the requirements, you become the victim of a phishing scam.
- Emails from fake charitable organizations which are finding people to help the victims during this tough time. Using this trick, they try to get their hands on the company or individual information.
- Many organizations pretending to be from real fund-collecting organizations, trick people into sharing their account-related information which finally results in phishing attacks.
Advice to consumers and organizations
Individuals should follow these practices in order to stay one step ahead from the OneDrive phishing scams:
- Never share your OneDrive user information with anyone. Be it a request from charity or business. You should always stick to a reputable or trusted organization for charity purposes.
- Do not share the details of financial or personal information including your phone number, email, or anything else on a website about which you do not know correctly.
- Check the credibility of an email if it asks you to share your details because legitimate websites never ask for the personal information of the people.
- When you receive a suspicious link in the email, then one should not click on it and do the same with the attachments that are there in a suspicious email.
- You should also note that an email address can be easily spoofed. Therefore, if you come across a suspicious email, then you must try to speak to the one who has sent you the email. You may also get hold of the contact details of the sender on the official website.
- Organizations should never lag behind in implying multi-factor authentication technology to all the devices present in their workspace as well as the accounts that are being used on them. This will include Gmail, Office, or OneDrive accounts.
- Employees should be security training so that they imply best practices to keep the account and device-related data safe.
In case you come across a phishing email, then you must let everyone else know about it so that they can be prepared in advance about it. Also, report such emails and block that email address for future safety.