Your company is participating in a Cyber Security Education Program.


This Account Close Phishing Attack included the following social engineering techniques:


  1. The sender display name includes the name of the company being impersonated (example: Microsoft)
  2. The sender display name includes <fake email> so that it appears to be the "real" sending address (example: @accountprotection.microsoft.com)
  3. The subject is written to appear critical or official (example: Microsoft account security notification)
  4. The email is time-bound / urgent (example: ... closed and deleted in 2 days.)
  5. The content is limited and simple to minimize detection by email filters.


How to spot that this was a phishing email:



  1. The From email address (the "real" one at the end, after <fake email>) uses a random domain not associated with your company or any software product used (example: @locked-outlook.com is not associated with Microsoft)
  2. The link provided points to a domain not associated with the official company (example: expired.locked-outlook.com); an official domain would be something like "...microsoft.com"
  3. This email was, or may have been, filtered into your junk mail folder.
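The first two checks above can be automated by a mail filter or triage script. The following Python is an added example, not part of the original training material; the allowlist, the local part "notice", the URL path and the sample message are constructed for illustration.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains your organisation treats as official for this sender.
OFFICIAL_DOMAINS = {"microsoft.com"}

# Constructed sample using the domains quoted in the examples above.
SAMPLE_FROM = '"Microsoft @accountprotection.microsoft.com" <notice@locked-outlook.com>'
SAMPLE_BODY = "Your account will be closed and deleted in 2 days.\nhttps://expired.locked-outlook.com/"

EMAIL_IN_TEXT = re.compile(r"[\w.+-]*@([\w-]+(?:\.[\w-]+)+)")
URL_IN_TEXT = re.compile(r"https?://[^\s<>]+")

def is_official(host):
    """True if host is an official domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def check_message(from_header, body):
    """Return findings for the sender-domain and link-domain checks."""
    findings = []
    display_name, address = parseaddr(from_header)
    real_domain = address.rpartition("@")[2].lower()
    # Check 1: the address that actually sent the mail must be official.
    if not is_official(real_domain):
        findings.append(f"sender domain not official: {real_domain}")
    # A domain shown in the display name that differs from the real sender
    # is the <fake email> trick described in the first list.
    for shown in EMAIL_IN_TEXT.findall(display_name):
        if shown.lower() != real_domain:
            findings.append(f"display name shows {shown}, real sender is {real_domain}")
    # Check 2: every link must point to an official domain.
    for url in URL_IN_TEXT.findall(body):
        host = urlparse(url).hostname or ""
        if not is_official(host):
            findings.append(f"link host not official: {host}")
    return findings

if __name__ == "__main__":
    for finding in check_message(SAMPLE_FROM, SAMPLE_BODY):
        print(finding)
```

Matching on the end of the domain, including the leading dot, is what keeps look-alikes such as "notmicrosoft.com" from passing the check.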


“An employee is either an asset to your cyber security or a risk.”