Secure by Design

Helping You Make Sense of the Internet.

My Homepage
My Account
Web Mail

Two Email Scams on the Weekend

Two different email scams were launched over the weekend by criminals looking to trick unsuspecting people into providing their email usernames and passwords. One email appeared to come from Microsoft, and the other from “ Customer Service”. Both emails used convincing fake webmail login forms that look quite real, but are not and are designed to provide your username and password to them. Once they have access to a stolen email account, it is used to sent out spam through our servers to avoid blacklists and spam filters.

If you have filled in either of these two forms, you will need to change your password right away. You can change your password yourself on our web site by clicking on the Account icon on the top right corner of our screen. The proper internet addresss (URL) for our online account page always starts with:

Valid email login pages for our webmail service are:


The domain ( should always be followed by a slash, and come immediately after the https:// or http://. For example, looks almost right, but has a period instead of a slash, and would point to a fake page.

As always, be careful when visiting any site that you have to provide a username and password for. Be sure to watch for changes in the address bar, as often that is the only thing that gives away a forgery!

Here are some screen grabs of the fake emails and the fake login pages:

Fake Microsoft Email

Fake Microsoft Email

Fake Outlook Web Access

Fake Outlook Web Access

Email from "customer service"

Fraudulent email from “customer service”

False Webmail Login Page

False Webmail Login Page

Kirk Ismay

Secure by Design Technology

Comments are closed.