This phishing attack is a fake website that looks similar to the US Department of Labor. The site asks for your personal information and provides general directions on how to proceed with the process. This guide was written in order to help prevent people from falling victim, but if you have already been victimized, then this article will provide more detail about what steps can be taken next time around
The “office 365 phishing email example” is an email that was sent to a user’s work account, and it presented itself as the US Department of Labor.
Don has been writing professionally for more than ten years, although his love of the written word began in elementary school. Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, and other websites have featured his work. Continue reading
- A new phishing effort posing as part of the United States Department of Labor has been discovered.
- Users who bid on the link will be routed to a domain that looks a lot like the department’s genuine domain.
- The assault is aimed at the users’ credentials, particularly their email addresses and passwords.
Scammers are impersonating the US Department of Labor (DOL) in order to acquire Office 365 credentials as part of a new phishing effort.
But why Office 365 specifically? The answer is straightforward: Office 365 is one of the most widely used commercial productivity packages. It’s so popular that it’s now utilized by 28 million companies all around the globe.
Some of the emails are sent from a series of freshly constructed look-alike domains, while others are sent from faked domains that seem to come from the official DoL site.
The following are some of the fake domains:
- dol-gov[.]com
- dol-gov[.]us
- bids-dolgov[.]us
The assault spreads its messages by using servers belonging to non-profit organizations, which are often overlooked by email filtering software. This permits the emails to travel past typical security systems without being intercepted.
The sender poses as a senior Department of Labor official and urges the recipient to submit a proposal for a current government project.
The email contains a link to what looks to be an Office 365 login page, but is really a rogue site that captures the victim’s login credentials and uses them to get access to the genuine Office 365 environment.
According to Microsoft, targets get a mail from what looks to be an official Department of Labor address, but is really from a fraudster. The email instructs the recipient to make a proposal for a current government project, but it contains a link to a bogus landing page.
The emails have a real letterhead, a professional style and content, and a three-page PDF attachment with what looks to be a legal form.
Users should also be aware of the following domains, since they are also involved in the scam.
- opendolbid[.]us
- usdol-gov[.]com
- bid-dolgov[.]us
- us-dolbids[.]us
- dol-bids[.]us
- openbids-dolgov[.]us
- open-biddolgov[.]us
- openbids-dolgov[.]com
- usdol-gov[.]us
- dolbids[.]com
- openbid-dolgov[.]us
- dol[.] global
Keeping an eye on all of these sites may be time consuming, therefore any site that asks for your Office 365 credentials to read a document should be disregarded as an extra degree of protection.
What are some of your methods for avoiding phishing scams? Let us know what you think in the comments area below.
Was this page of assistance to you?
Thank you very much!
There are insufficient details It’s difficult to comprehend Other Speak with a Professional
Start a discussion.
Watch This Video-
The “this sender might be impersonating a domain that’s associated with your organization” is an email phishing attack that presents itself as the US Department of Labor. It contains a link to a fake website and asks you to enter your username and password.
Related Tags
- office 365 phishing email 2021
- office 365 phishing attacks
- what is whaling phishing attack
- microsoft rolls out protection for critical accounts in office 365
- domain impersonation office 365
