If in doubt, don’t click

Posted on by Ben Schneider of BLS Computer Solutions

On the whole I do enjoy getting emails from customers. The best ones are probably when they buy something from us… but almost as good is when they want confirmation that they’ve saved themselves time and money. An example of this popped into my inbox a short while ago – a customer asking me if an email was genuine. They were correct to be skeptical in this case and I’m pleased that the customer listened to their inner voice.


Here’s some clues as to why the email could be identified as dodgy – a phishing email:

The from address is nowhere near correct – you should expect that it should have Microsoft email address or something genuine-looking in there (of course this could be spoofed…)
The email subject just doesn’t make sense, really.

The body of the text doesn’t really make make sense – it doesn’t explain the issue – why would you need to be directed to upgrade to a new service agreement to avoid suspension of services? That’s not how we do business. Does anyone? Plus there is the slight grammar error – you’d say the “… account needs to be updated…” (notice the absence of s).

A genuine unsolicited email shouldn’t have a link in it, tempting you to click it. If you need to login to the relevant account, the email should say “…login to your account to read the updated terms…” or similar.

Lastly, if you can hover the link, you can see that it doesn’t go to a Microsoft web address.