Phishing warning
Recently, there have been several phishing campaigns targeting, among others, municipalities in Sweden. The emails and the pages to which the emails link may appear to be credible and CERT-SE would therefore urge increased vigilance.
Glossary of terms
CERT-SE: Sweden's national CSIRT (Computer Security Incident Response Team)
dynamics[.]com: web pages linked to Microsoft services
These include emails containing links to dynamics[.]com, some of which contain forms. The emails come from personal email addresses that appear to correspond to an actual employee. The emails appear credible, are well-worded and have relevant content that matches the sender.
Phishing is a common practice that involves obtaining sensitive information such as usernames, passwords, account and credit card details, etc.
Tips
- be wary of emails from unknown and/or external senders
- look at the sender address and not just the name in suspicious emails
- report promptly if you in suspicious emails have opened attachments, clicked on links, scanned QR codes, provided sensitive information, etc.
- report the email as Phishing via the Report Message menu found in the top right of the opened email. The email is then deleted and information is sent to Microsoft.
