Tech Pro Space LLC
Tech Pro Space LLC

I Got An Email About Password Expiring Phishing Scam

11/14/2021 04:32 PM By Vicente Agama

I recently received an email claiming to be from Microsoft, stating that my password was about to expire and I needed to update it to avoid being locked out. While the email seemed legitimate at first glance, I noticed several red flags that indicated it was a phishing attempt.

Phishing scams are very clever

Scammers often try to trick people into believing that they are a trusted source of information or a legitimate company. One common tactic they use is to send a message or email with a link that appears to be from a reputable website or company. However, the link actually leads to a fake website that is designed to look like the real one. The purpose of this fake website is to trick you into entering your login credentials or other personal information.
It is important to be vigilant when interacting with unfamiliar messages or emails, as scammers can be very clever and may use sophisticated tactics to try to fool you. If you receive a message or email that seems suspicious or contains a link, be sure to check the authenticity of the website before entering any personal information. You can do this by hovering your mouse over the link to see the destination URL or by manually typing in the URL of the website you want to visit.

How can you tell an email is a scam?

There are several signs that can indicate a scam. If you are unsure whether a message or email is legitimate, it is always a good idea to ask for help or report it to the appropriate authorities. Remember, even the most tech-savvy and intelligent people can fall victim to scams, so it is important to be vigilant and cautious.


Here are some common signs of a scam:


  • Contains poor grammar, spelling, or formatting.
  • Includes links that take you to a suspicious or fake website.
  • Asks for personal information, such as login credentials or financial information.
  • Asks for money, including wire transfers, gift cards, credit card numbers, or checks.
  • It asks you to download files or software.
  • Mentions a phone number or asks you to call a number in order to verify your identity.
  • Demands immediate action or sounds like a threat.
  • It appears to be from someone you know, but the content of the message seems out of character or unusual for them.

To verify the authenticity of a link, you can hover your mouse over it and check the destination URL that appears. This can help you determine whether the link is legitimate or potentially malicious. Always be cautious when interacting with unfamiliar messages or emails, and trust your instincts if something seems off.


Looking at the email header

The header of an email contains who sent it, who it was sent to, what time it was sent, and where it was sent. Normally, email headers are hidden. It will depend on what email service you are using. I recommend you look up your email providers documentation. You can also do a simple google search on how to find them. There is a good amount of information you can get from the header. These are just some of what you will find.

  • The "From" header tells you who sent the message
  • The "To header" tells you about the recipient of the email
  • The "Date" header tells you when the message was sent
  • The "subject" whatever text the sender entered in the Subject heading before sending
  • The X-Originating-IP header tells you which IP address the message was sent from

These are just some of the things you will find in the email header. You can and should report them when possible. They may request you submit the header information so they can investigate them. This is true especially for email marketing companies. They have departments that deal with these types of abuse emails. They will investigate to shut them down.

You want to be aware of these threats

No one is immune to phishing attacks. These emails are carefully crafted and can often be difficult to spot. The best course of action is to report the email and delete it immediately. It's important to remember that Microsoft, as well as companies and government agencies, would never send unsolicited emails. If you receive an email that looks suspicious, don't be afraid to ask someone to verify its authenticity. This can save you time and prevent potential headaches down the road.

Vicente Agama