A commonly-reported threat recently is the Fake Office 365 Document. These are very hard to detect, since the phisher uses graphics stolen from Microsoft to build the phish. Here’s how it works:
The phisher creates an account at a well-known site – in our case, it’s usually an Office 365 account (since that’s what we use here at Widener). They then send the recipient an invitation from the account to view a document. It looks real because the account really is an Office 365 account, but the link isn’t a document – it’s a page that asks you to enter your login name and password.
If they’re really clever bad guys, they ask you to enter it again (verifying the spelling). Then it errors, since they have your credentials at that point, and the process stalls.
The trick here is to only open documents that you’re expecting. The bad guys will use any way they can to get your data, identity, or login credentials.
