The Good, the Bad, and the Ugly

September 2025 | Nextworks

While your spam filter catches most phishing attempts, nothing if foolproof.

YOU ARE THE LAST LINE OF DEFENSE.

Let's explore some email examples.

The Good

Here is a legitimate email from Amazon.

We see no problems here. The graphics are clean, grammar and spelling are perfect, and it was an expected email.

Nevertheless, spear phishing (highly targeted attacks) can come at just the right time from just the right party. Cybercriminals can discover your vendors or recent correspondents! Mouse over a link (without clicking) to confirm that it does indeed to go amazon.com.

The Bad

This is a very common phishing attack. There are many red flags.

(While we do find NINE concerns here, it only takes ONE to know that it's a scam.)

Let's dive in.

1. Odd subject with a random mix of upper and lower case
2. Improper grammar and confusing instructions
3. Not from microsoft.com
4. Who likes to be called "User"?
5. Obsolete term: go here, click here, proceed here
6. Missing a period
7. Discombobulated instructions and missing a comma
8. Ugly borders in borders
9. The company is Microsoft, not Office. (Office is a product.) Also, more legalities are expected here.

However, even if there are NO problems found, always be suspicious. Just delete the email or ask Nextworks!

The Ugly

This type of email makes no attempt to disguise its wretchedness. It's a scare tactic to extort money. Don't be fooled.

This cybercriminal purchased a list of compromised passwords on the dark web. They then send (template) emails with a password that may look familiar to you. If so, change that password wherever you use it. However, they likely have not hacked your computer. Delete the email.

[ Return to News & Commentary home. ]

[ Return to Nextworks IT home. ]