Encrypted email or phishing scam, you decide

There is a new phishing campaign, according to BleepingComputer, that pretends to be an encrypted email requiring a user to login to a fake OneDrive website. This phishing email is hoping to gather username and password credentials of Microsoft users via the spoofed OneDrive website. These types of phishing campaigns can be tricky to identify, so it is always important to ask yourself if you were the email and to verify with the sender if needed.

It seems like there is a new or recycled phishing campaign every week. It is easy to be desensitized and make one be apathetic towards them. This is part of the strategy by hackers about phishing campaigns. While we may feel good about identifying what is a phishing email in our inboxes, we may not identify every single one of them or maybe an employee will not identify all of them. Hackers send hundreds to thousands of these emails hoping for only a handful to be successful. It only takes one.