Sales and General Enquiries: 0333 311 0109

Support: 0333 311 0809

 Avada Accountant Demo
General: 0333 311 0109 | Support: 0333 311 0809
 Avada Accountant Demo

Is that Microsoft email a phishing attack?

Most businesses know that phishing emails are on the increase. Cyber criminals send an email which contains a malicious link or file that allows them to access your network. 83% of organisations reported an attack in the past few years, so it is more a case of “when” rather than “if”.

Hackers are becoming increasingly sophisticated with their methods and impersonating well-known brands as one of the tools in their armoury.

Microsoft has become the most imitated brand for phishing attacks, and whilst it is no fault of the brand, you and your employees need to be on high alert for anything suspicious.

During the second quarter of 2023, phishing attacks disguised as Microsoft accounted for 29% of attempts. Other brands included in the report were Google at 19.5% and Apple at 5.2%. The list also included Amazon, LinkedIn and Facebook.

What does this mean for your business?

Despite an evident surge in fake emails targeting Windows and Microsoft 365 customers, alerting your staff and giving them clear training and support will help protect you from data theft and fraudulent attacks.

The most imitated brands change, but cyber criminals are less likely to change their tactics.

They use legitimate-looking logos, colours, and fonts. Phishing scams frequently use domains or URLs similar to the brand they are impersonating.

Your staff should be aware of what to look for;

  • The content of the message doesn’t seem quite right, often asking for an immediate response
  • There are typos in the body of the email (although AI is being exploited to resolve this)
  • The email address is not quite right ie. [email protected]

One of the latest attacks suggests that there has been an unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from your login and password to payment details.

The answer is more straightforward than you might think. Work with your staff and teach them to slow down, observe, and analyse. Check for discrepancies in URLs, domains, and message text. Be aware that if the email asks you to click on an unusual link or to do something instantly, like make a payment, treat it with caution. Knowledge really is power when it comes to preventing attacks like these.

There have been huge developments in cyber protection systems, but the human layer will always be your last defence and can be your weakest if you don’t give them the necessary training.”

Find out how we can help

James Tilbury
Tel: 01480 501500
Mobile: 07834 850809

For James’ other articles, blogs and insights, click here.

Download The Business owner’s guide to phishing 

This free guide will give you insight into the types of attacks to look out for and advice and guidance for you and your staff


ILUX kickstarts 2024 with new jobs, new people and new clients

February 16, 2024|

ILUX, the IT support and consultancy business, has kickstarted the year with key promotions and new staff, and added three local household names to its client portfolio. The company began working with Premier Travel in January as a strategic IT consultant to the business. The travel agency, [Read more]

Anti-Virus is no longer enough

January 4, 2024|

Over the past 12 months, we have seen a significant increase in the number of cyber attacks on SMEs. Gone are the days when hackers only targeted large businesses. They are increasingly turning their attention to small and medium-sized organisations where there is likely to be less [Read more]

Ready to talk?

Get in touch now to speak to our expert advisors on how we can help transform your business.

Contact Us
Go to Top