A new phishing email scam that pretends to be from a trusted source and requests that the recipient either open a secure document or change their password. This document, though, prompts you to login at a fake Office 365 login prompt (sometimes even google or yahoo as well), which is used to steal your credentials. It looks just like the legitimate page, except for the URL.  It even says the webpage is a secured site!

UPDATE: We have seen emails come in that look like AT&T or Verizon as well (see below).

If you “sign in” on this page, you just gave them your password, then they get to do whatever they want with your email account!

A few ways you can avoid this scam:

  • Check your URL, the full site link at the top of your browser (see bellow), check to see if it matches the company/website that you’re trying to sign in to.  (it might even look correct, but be spelled slightly differently)
  • If you haven’t requested a password change, don’t click anything in the email, just delete the email.
  • If you ever need to change a password, go to the site yourself and not a link sent through an email (unless you requested a password reset the YOU know about).
  • If you are unsure, call Sector One!

Here are a few Examples of this scam: