Beware of OneNote Audio Note Scam

Phishing scams have been around for a long time, posing significant problems for individuals and businesses. Scammers are now targeting OneNote users with a new phishing scam that poses a threat to your online security. This new method looks very convincing, fooling even the savviest users. It starts off in the form of an email with the subject of “New Audio Note Received”, implying that someone in your contact list has sent you an audio message. The email contains a link which leads you to a fake OneNote Online page hosted on Sharepoint.com. In an attempt to look credible, a footnote is added stating that the email is safe and scanned by a specific security software company.

Once you click on the link provided, it will direct you to a page that will prompt you to log in with your Microsoft credentials. The “Microsoft” page looks very similar to the real one, except for the suspicious link. This phishing scam is so convincing that it comes with a legitimate certificate from Microsoft, successfully deceiving its recipients.

If you encounter emails that will direct you to your Microsoft or Outlook accounts, always remember that the Microsoft and Outlook login page will always be on the following domains:

  • microsoft.com
  • live.com
  • microsoftonline.com
  • outlook.com

In order to keep your personal information safe, and to avoid getting caught up in these types of phishing scams, below are some recommendations to consider.

  • Be on the lookout for grammatical and spelling errors in the email. Emails from legitimate companies will ensure that the content is proofread and error-free before being sent out
  • Check for mismatched URLs. While the embedded URL looks valid, it is good practice to always hover over links to find out if it will show a different web address
  • Avoid clicking links or downloading files from suspicious emails as a general rule, even if they do come from a ‘trustworthy’ source Avoid
  • Scan your emails with antivirus software such as Trend Micro Maximum Security, which can identify suspicious links in emails, websites, and social media in order to prevent your personal information from ending up in the wrong hands
  • Phishing emails tend to be sent to a large amount of people, with messages often having a generic subject and greeting. Impersonal emails such as these can be a sign of a phishing scam
  • If the email looks suspicious, it probably is. Always remain on the saide of caution if sending your personal information

Learn more about the protection Trend Micro Maximum Security can provide you here.

Please follow and like us:

Leave a Reply

Your email address will not be published. Required fields are marked *