Forum Discussion

Copper Contributor

May 02, 2022

Solved

Phising e-mail from microsoft domain?!

Hello, I got this e-mail today and it was in my Junk folder so I thought it was phishing email. But once I opened it sender had microsoft.com in email as domain. After inspecting similar e-mails ...

Adin_Calkic
May 02, 2022
Hi usanzadunje ,

It's a good catch from your end, as this is definitely a phishing email. See below.
Dkim, dmarc, spf failed... There is no doubt that message was tagged to go to junk, but I also see that action=oreject might have been the reason it went to Inbox.

Hopefully you won't have these issues in the future, but if you suspect to anything you can analyze the heard, go to Message Header Analyzer (mha.azurewebsites.net) and paste the header.

usanzadunje

Copper Contributor

May 02, 2022

Adin_Calkic

Sure, here is the log. It wont let me upload .txt file so I dumped whole log here.

Adin_Calkic

Steel Contributor

May 02, 2022

Hi usanzadunje ,

It's a good catch from your end, as this is definitely a phishing email. See below.

Dkim, dmarc, spf failed... There is no doubt that message was tagged to go to junk, but I also see that action=oreject might have been the reason it went to Inbox.

Hopefully you won't have these issues in the future, but if you suspect to anything you can analyze the heard, go to Message Header Analyzer (mha.azurewebsites.net) and paste the header.

usanzadunje
Copper Contributor
May 03, 2022
Ohh, good to know this. Thanks for that.

I guess these malicious users have become very crafty these days 🙂
- Deleted
  May 03, 2022
  usanzadunje
  I think you should remove the log dumps -> there is information that should not be shared in a public forum.
  And other MTC Members should not ask for this - for safety.
  - usanzadunje
    Copper Contributor
    May 03, 2022
    Could this log file lead to my account being compromised?