Informational-severity alert:Creation of forwarding/redirect rule Case ID:IPx2rFL
This email below has been confirmed as malicious or fraudulent by the Information Security department. If you have received this phishing email, do not open any attachments or follow the link(s) in the message; simply delete the email.This phishing email employs a fake security alert from Microsoft 365 to exploit the recipient’s trust and urgency, warning of a newly created forwarding rule to prompt immediate action. It uses a seemingly official Microsoft domain and format to appear legitimate, while embedding a malicious link designed to harvest credentials or install malware. The email’s lack of personalization and unusual sender address are key indicators of its fraudulent nature. Below are the red flags:
- Sender Email Address: The email originates from an unrecognized domain (support@econcern.com.np), which is not associated with Microsoft, indicating it is a phishing attempt.
- Malicious Link: The “View alert details” button links to a malicious website, intended to steal credentials or install malware.
- Visual Design: Although the email mimics the appearance of Microsoft communications, it contains discrepancies in design and typography.
