Joakim Hedlund

Microsoft and Phishing

Using the internet is hard work. I always have a lingering feeling that there's someone trying to trick me into signing up for, and sometimes even purchasing, things I don't want.

At best, phishing is used to collect personal information. The reason I say at best is because in Sweden, there's very little information about my person that isn't already public domain. You can easily look up anyone's social security number online, and that's fine. The system is designed to work differently from what our international friends are used to.

At worst, phishing is used to collect payment information (primarily credit cards). It's nasty business because phishers are really good designers these days. They'll make websites and emails that look incredibly similar to the real deal. Luckily, most phishers still fall short on the grammar and I notice before it's too late.

A wild Microsoft appears

I don't hold much of a grudge against the fine folks over in Redmond, I just think that someone spent far too little time considering the implications of their registration email. Let's have a look:

Screenshot of a legit signup email from Microsoft, with arrows indicating phishing

Let's start with the call-to-action (CTA): It refers to my email address and that sort of makes sense. After all, I'm receiving the email to confirm that I am indeed the owner of the address. But there is more to consider; my actual name is nowhere to be found. Not in the To: field, not in the body, nowhere. This is typical for phishers that simply send broadly to a variety of email addresses without knowing who owns them.

In my case it's obvious my name is Joakim thanks to the email address, but if you have an address like [email protected] then it's looking really fishy that they address the content of the email to badass_ninja_43 instead of Joakim.

Moving on. Normally, you'd see something along the lines of "If you did not request this email, please ignore it." Instead, Microsoft is really pushing for me to click a link in it. It's off-putting how much they insist I do.

Now, if you're a nerd like me or used to have MSN back in the dark ages, you likely know what Live is. If you're growing up on this side of the new millennium, you might not.

Compare the domain that the email allegedly was sent from. Now look at the domain the links point to. That's some scary stuff, right there.
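The sender-versus-link comparison described above can be automated. The following is an added example, not code from the original post: the sample message, its example.com/example.net domains, and the helper names are constructed, and the "last two labels" rule is an assumption standing in for a Public Suffix List lookup.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: sent from example.com, but one link goes to example.net.
SAMPLE = """\
From: Example Accounts <accounts@mail.example.com>
To: user@example.org
Subject: Verify your email address
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Verify <a href="https://signup.example.net/verify?t=abc">here</a>.</p>
<p><a href="https://www.example.com/help">Help</a></p>
"""

def site(host):
    # Assumption: the last two labels approximate the registrable domain.
    # Suffixes such as .co.uk need the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkHosts(HTMLParser):
    """Collects the hostname of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            host = urlsplit(dict(attrs).get("href") or "").hostname
            if host:
                self.hosts.append(host)

def mismatched_link_hosts(raw_message):
    """Return link hosts whose site differs from the From: address's site.

    A mismatch is a reason to look closer, not a verdict: the From: header
    can be forged, and the email discussed on this page was legitimate.
    """
    msg = message_from_string(raw_message, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1]
    sender_site = site(sender.rpartition("@")[2])
    body = msg.get_body(preferencelist=("html",))
    if body is None:          # no HTML part, so no links to compare
        return []
    parser = LinkHosts()
    parser.feed(body.get_content())
    return [h for h in parser.hosts if site(h) != sender_site]

if __name__ == "__main__":
    print(mismatched_link_hosts(SAMPLE))
```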