[COMPLETED] 🔍1st Scam Spotting Challenge: Phishing Email Edition🔍

Firmy Posts: 1,892 Community Manager
edited November 11 in Announcements

Think you've got a keen eye for spotting scams? Test your skills with this week's Scam Spotting Challenge. The focus is on phishing emails – those suspicious messages designed to trick you into giving away sensitive information.

Challenge Details:

📅 Open Until: November 8th, 06:15 GMT
💬 How to Participate: Examine the attached phishing email sample and share in the comments how you determined it was a phishing attempt. Be sure to use your own words rather than AI for the most authentic response. What clues tipped you off?

Rewards:

🎖️ Exclusive Badges will be awarded to all participants.
🏆 The participant with the most accurate answer will receive an exclusive prize from F-Secure.

Whether you’re a seasoned pro or just getting started, this is a fantastic opportunity to learn and share insights with the community. Plus, each submission helps others improve their scam-spotting skills.

Ready to take on the challenge? Comment below with your answer and join the fight against phishing scams!

Firmy
Community Manager | F-Secure Community
🔐 Strengthening digital security through knowledge and collaboration
🌐 Explore our User Guides | Knowledge Base for self-help resources
💻 Empower yourself with Cybersecurity Insights and protect what matters
📢 Help Shape Our New Homepage! Share your input in our design survey.

Comments

  • Candi1
    Candi1 Posts: 69 Active Engager

    I see in the email address it came from "micronsoft.com". It is also giving a very small time to comply (3 days) & to open the link, trying to make you click it without thinking about it (rushing you). And, wanting you to open a link that probably goes to a scam site to have you enter your login details (on a site they own that looks similar to a Microsoft login site), so they can get your login details. Also, clicking on the pdf, that could install malware onto your device?

  • Ukko
    Ukko Posts: 3,737 Superuser

    Well..

    while reading the task and thinking about any incoming 'fishy' emails: I, usually, never try to open them to examine content or sort of things. Of course it depends on the email client or service, but mine is set up this way: the list contains only the sender's name, subject, and a small preview of the text of the letter; and, also, the date. Usually I point at the sender's "name" - so - to get visibility of which address the email was sent from (in other words, sent-from or not even reply-to). Most often this is enough against mass spam (as part of "random" scam / phishing campaigns) to understand what's what..

    so:

    when I opened provided screenshot: I think that due to the size of the picture and the focus, the sender's email immediately jumped out to me. On this I can say and would immediately understand that this is spam, phishing or scam.

    so, it says "Microsoft account team <account-security-noreply@accountprotection.mirconsoft.com>"

    — Microsoft main domain is misspelled twice.

    (note: such a domain may also be part of typosquatting schemes as well)

    Scammers try to represent themselves as Microsoft and that the letter was sent from their server (on their behalf), but in fact the sender's address is completely different, trying to mislead and be similar to the original one. It can be even more crafty in its attempt.

    // other than that - the letter could be real (if you do not take into account the "Microsoft" status), since many companies send rather sluggish and vague letters on some topics (other than marketing) and are official / legit and not phishing.

    However, there is a whole set of oddities here. Let's say they tell you to follow a link, but they attach a file (.pdf?!) about which they say nothing. They are trying to "scare" by saying that there are only three days and so on (although the whole essence of the threat is nonsense and bogus - three days from receiving the letter?! or reading? absurd..) And also there are no (or not visible in the screenshot) some usual things at the bottom such as purely "legal" information about the address, unsubscribe or sort of things. They didn't greet me either. This would raise my doubts.

    However, a year ago I received a real letter from Microsoft regarding the closure of one of the Outlook addresses due to inactivity. In fact, it looks exactly the same or even stranger (less professional or corporate). Most things are similar except for some details (like intimidation in a phishing letter) and, accordingly, the main point of the deceptive sender address.

    so if it weren't for the sender’s address, then we would have to look at something behind the link and where it leads. usually I can also try Googling the sender's address, as well as phrases from the letter. Probably in this example, such a search gives the correct results (misspelling will be corrected, and the text of the letter itself may have been taken from the real ones). so you just need to be vigilant and see who the sender is (and how the email address is written exactly).

  • Firmy
    Firmy Posts: 1,892 Community Manager
    edited November 11

    Thank you to everyone who participated in this challenge.

    The winner will be notified via private message. Badges have also been awarded to your profile.

    This round may be over, but stay tuned to our community page for the next exciting challenge. See you there!


This discussion has been closed.