Be on the lookout for phishing campaigns crafted to steal your login credentials. Such phishing campaigns occur via the delivery of unsolicited email from known businesses, entities or services. Current phishing campaigns which employ this strategy are email purporting to come from Amazon and Microsoft Outlook Web Access (OWA). These particular phishing emails request that you click an embedded link to enter your login credentials. Once you click the embedded link, you are redirected to a well crafted phishing website designed to steal your credentials. After entering login credentials in the phishing website, you are redirected to the legitimate website and prompted to login again.
Please be reminded to look at your browser’s address bar for indicators of a secure website, which include a lock symbol preceding the business/entity name and “https”, as shown below .
If you suspect you have fallen victim to this scam, please change your password asap for the service at issue by visiting the provider’s website via a known and trusted URL that you type into the browser’s address bar.
Recommended Phishing Resources: