Nice weather for a spot of phishing.

Watch out this 4th July for a flurry of phishing emails that may make it into your inbox.

Here’s a list of some of the popular ones doing the rounds now.

 

  • Microsoft/Office 365: Secure Your Microsoft Email Now – This message spoofs Microsoft and advises users to reconfirm ownership of their account by clicking a malicious link.
  • Keller Williams Closing Document: This message includes a malicious PDF attachment disguised as a Closing Document for a property purchase.
  • Microsoft/Office 365: Microsoft Office Phishing and Spam Security Alert – This message spoofs Microsoft and advises users to confirm new security settings on their account by clicking a malicious link.
  • Outlook/McAfee: Outlook Web App McAfee® NOTIFICATION ALERT- This email spoofs an Outlook/McAfee notification and attempts to trick the user into clicking a malicious link to comply with their account requirements.
  • Bank of Montreal: Payment made to a first-time payee – This email notifies the user that funds were transferred out of their account and provides a malicious link for them to click on if they want to dispute the transfer.
  • Summons Notification: This shocking message informs the user they’ve violated a Federal Law and provides a malicious link that they need to click on to download more information.
  • Western Union: Too Many Login Attempts On Your Account. – This message contains a malicious HTML file that is disguised as updated software and safety precautions the user must follow for security reasons.
  • Microsoft: Upgrade to our advanced secure server to prevent phishing attacks – This message contains a malicious link which the user is prompted to click on to migrate to a newer, more secure email platform.
  • RBC Banking: User Access Agreement Documentation – This email spoofs the Royal Bank of Canada and advises the user to open a malicious Excel attachment to synchronize their authentication device.
  • American Express: You have a new message – This message advises the user that their Personal Security Key has expired and that they must verify their information by clicking on a malicious link.