Emma Hollinrake’s Post

yep - 'rn' instead of 'm'. The sneaky blighters! Very Phishie to me!

wow that's clever!

The m from Microsoft looks odd but then again I'm not wearing my glasses

Yep that’s sneaky. In a previous job we had someone try spear phishing our finance team by registering netvvorksfirst.com instead of networksfirst.com In the font used by Outlook it was very hard to spot.

Emma Hollinrake, looking at this closely. My guess is either a suspicious sender domain that's almost-but-not-quite legitimate, or maybe the reply-to address doesn't match the display name. Those tiny URL differences always get people too - like using a zero instead of the letter O. What do you think it is?

Been trying to teach ppl this at my info sessions on cyber awareness. It’s not an m in the email address it’s rn and the eye can miss it so easily.

r n not an m .. cunning.. The human brain has evolved the ability to "fill in the gaps" both with audio and written information.. in this case it and sees what youre expecting to see when scan reading.. Factors exploited all too often in phishing and other attacks

rnicrosoft / microsoft

Officially, it's because if you look closely, it's rnicrosoft.com, not Microsoft.com Reality though... It's the first thing I've seen from "Microsoft" in a longtime that doesn't start with sodding "Co-Pilot"... So can't be true.

To be fair its good for people that do not know differently. however, clients need advising that Microsoft.com is not even the correct URL for authentication or self service when using Microsoft 365