You have a new Fax!

When was the last time you received a fax? Possibly never. But it might surprise some of you to know that millions of faxes get sent every day. In Germany, Japan and the US especially, they are alive and well, if not so much here in the UK. But how are they used in phishing?

Phishing is not specifically an email-related nuisance. SMS is another widely used approach (known as smishing), but any medium can be used. Phishing covers anything that aims to steal personal information or money (the former only obtained in order to get the latter).

Here we’re looking at email, rather than faxes per se. But with the digitisation of services, both voicemail and faxes are now increasingly delivered digitally as email attachments. Over the last year in particular, previously office-bound workers started working from home, and as a result the use of hosted phone services saw a huge rise.

Phishing has followed this trend, and one of the most common approaches we now see reported as getting through to the inbox is the "received fax" notification.

Phishing email alerting to new fax messages

The above is a good example, though as usual, once you look closely there are several giveaways that it’s not real.

Webpage as an attachment

It is now very common for an HTM/HTML file to replace the PDF or Word document as the attachment (both of which were often used to hide the links that take you to the phishing site, rather than placing them in the message body). In the example the attachment shows as Edge, but it could show up as Chrome or Firefox, depending on your default browser.

What’s different about this is that the attachment contains code that runs a script on your computer. The attachment is a file, and if we save it and open it (securely of course, because we’re suspicious) we can see that it opens a web page, but the URL is the location of the folder it was saved in, not a website.

Fake Microsoft Office 365 sign in page

This example has other odd attributes. The page is mocked up to look like a Word document (why would a fax open as a Word doc?) with the background blurred and a Microsoft sign-in prompt overlaid on top. It’s not uncommon for the page to look like a standard Office 365 sign-in page, or even your own company-branded logon portal. Your email address is embedded in the script (I’ve changed it in the example), and the script can even pull down your custom Office 365 sign-in page background, making it look like your company portal.

You can enter a password, but no other buttons work.

Fake Microsoft Office 365 sign in page

As usual, if you try to sign in, it doesn’t work. It may then take you to the real Microsoft sign in web page after that, mainly to alleviate suspicion that this was a scam all along, and make you think there’s something wrong with the sign in.

Fake Microsoft Office 365 sign in page incorrect password
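
A mail-triage check for the pattern described above, as an added example that is not part of the original article: it parses a message, finds HTM/HTML attachments and reports whether the page carries a script, a password field, and the recipient's own address inside the script. The sample message, its addresses and the indicator names are constructed for illustration.

```python
from email import message_from_string, policy, utils
from html.parser import HTMLParser

# Constructed sample (not from the article): a "new fax" email with an .htm attachment.
SAMPLE = """\
From: "Fax Service" <noreply@fax.example>
To: user@example.com
Subject: You have a new Fax!
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html
Content-Disposition: attachment; filename="Fax_0412.htm"

<form><input type="password"></form><script>var who = "user@example.com";</script>
--b1--
"""

class PageScan(HTMLParser):
    """Collect inline script text and note password inputs in an attached page."""
    def __init__(self):
        super().__init__()
        self.flags, self.in_script, self.script_text = set(), False, ""
    def handle_starttag(self, tag, attrs):
        self.in_script = tag == "script"
        if self.in_script:
            self.flags.add("script")
        if tag == "input" and (dict(attrs).get("type") or "").lower() == "password":
            self.flags.add("password_field")
    def handle_endtag(self, tag):
        self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.script_text += data

def scan_message(raw):
    """Yield (filename, sorted indicators) for each HTM/HTML attachment."""
    msg = message_from_string(raw, policy=policy.default)
    to = utils.parseaddr(str(msg.get("To", "")))[1].lower()
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith((".htm", ".html")):
            continue
        body = part.get_payload(decode=True).decode("utf-8", "replace")  # undo base64/QP
        page = PageScan()
        page.feed(body)
        if to and to in page.script_text.lower():
            page.flags.add("recipient_in_script")
        yield name, sorted(page.flags)
```

A legitimate fax-to-email service may also send attachments, so treat the combination of all three indicators as the strong signal rather than the HTML attachment on its own.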

What else can we see?

There are other signs and inconsistencies which are often present that you can always look for.

  • Do you know the sender? Usually not.
  • Are you expecting a fax from anyone?
  • If it’s a voicemail, have you seen any missed calls? Is it delivered in the same way your voicemail is normally delivered?
  • Does the message body fit the subject and the rest of the message?
  • If you click on the link or attachment (and really, you shouldn’t unless you are using a secure browser) does the page look like you would expect?

All this and more can reveal whether it’s a legitimate email or not. Often when receiving dodgy emails from unknown senders, we get a feeling that something is not right. The best action to take is to be extra cautious. Check with your IT department or, if it looks like it might be real and you just want to be sure, follow up independently by searching for the sender company online (not by clicking the link in the email) and give them a call to verify if they really did send it.
