[SIGH] The Phish That Wasn’t
Cybercrooks thrive on FUD - Fear, Uncertainty, and Doubt. When a massive breach of a retailer’s customer database occurs, crooks swoop in to con panicked consumers. Every tax season, when people are tearing their hair out, con artists impersonate the IRS. And when Microsoft reneges on a promise and its customers rebel, phish start flying. Huh, what? Read on for the details; all will be revealed...
Is the Microsoft OneDrive Email a Scam?
Last week, I received a peculiar email from “firstname.lastname@example.org” with subject: “Changes to storage limits.” The body of the email bore a legitimate-looking “OneDrive” logo at the top, but the word “Microsoft” and the Microsoft logo appeared only at the very end. The message didn’t sound right, either:
“We want to let you know about some upcoming changes to OneDrive. On July 27, 2016, the amount of storage that comes with OneDrive will change from 15 GB to 5 GB. We are also discontinuing the 15 GB camera roll bonus. You can learn more at our FAQ.”
That’s a bit too straightforward for Microsoft, or any big corporation. No “Dear Valued Customer…” No gushing, phony excitement about the “new, improved” OneDrive, even though it’s obvious the product is being degraded. No hype or spin. That just isn’t Microsoftian! And what? You're *decreasing* my online storage?
So, spider-sense on full alert, I looked closely at the links embedded in this email, hovering my cursor over a link to reveal its underlying URL. All of the URLs point to a domain named “microsoftemails.com.” Hmmm. A bit of Googling reveals that Microsoft sends mass emails from a domain named “microsoftemail.com” - note that there’s no “s” at the end of the legitimate domain name.
I looked up the “plural” domain name in the Whois database and discovered that microsoftemails.com is owned by ExactTarget, Inc., an email marketing consultancy. Interestingly, ExactTarget is owned by SalesForce.com, Inc., the huge cloud-based customer relationship management firm. Double hmmm. That triggered some alarms in me; I suspected some legal but dastardly marketing trick. But I became fairly confident that clicking on one of the links in the “OneDrive” email would NOT infect my PC with malware.
Much Ado About Something
A little more Googling discovered several online forums in which people were asking, “What is this email? Is it a phish?” One member of the Windows 10 Forums was very definite in his answer: “If you click on any of the links in that email, you will be asked to provide your username and password. If you do that, the bad guys will then have your secret information.”
Unfortunately, he couldn’t possibly have known that, nor clicked on one of those links, because none of them leads to a phishing site. Instead, the URLs in the email that contain “microsoftemails.com” re-direct to pages on Microsoft-owned servers: office.com, live.com, and (drumroll, please) microsoft.com. At that point, my suspicion changed to exasperation.
Why, Microsoft? Why did you disguise your well-known and trusted domain names behind a very phishy-looking one? Why did you engage an email marketer that hardly anyone has heard of to represent your brand? Why did you send a hasty, sketchy message that would set any cautious user’s Spidey sense a-tingling? Why did you waste my time with all of this?
The answer dates to November 2, 2015, the day Microsoft broke its “unlimited cloud storage” promise to Office 365 Home, Personal, or University subscribers. Due to a “tiny minority” of consumers who “abused” the offer by using up to 75 Terabytes of space, the company decided to limit Office 365 Home, Personal, and University accounts to “only” one Terabyte.
You can guess how well that was received. Microsoft logged over 72,000 complaints from Office 365 subscribers who really, really don’t like “bait and switch” marketing. Shifting to damage control, Microsoft apologized in December, 2015, and has been trying to mollify the angry customers ever since.
Microsoft’s efforts have been hasty, amateurish, and confusing for all concerned. Fortunately, there is a straightforward explanation of the changes in storage limits for OneDrive and Office 365 users. You’ll find it here, on the MS Office Support site, without going through the superfluous confusing microsoftemails.com maze.
So yes, Microsoft's OneDrive will change your cloud storage allotment from 15 GB to 5 GB. Will you lose some of your files if you are over the 5GB quota? If so, when? The short answers are "maybe" and "not very soon." The long answers to those questions are in the bulletin mentioned in the previous paragraph.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 26 Apr 2016
|For Fun: Buy Bob a Snickers.|
Do Shortened URLs Endanger Privacy?
The Top Twenty
Geekly Update - 27 April 2016
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- [SIGH] The Phish That Wasn’t (Posted: 26 Apr 2016)
Copyright © 2005 - Bob Rankin - All Rights Reserved