Phishing Login Form Examples

Example 1

Although this login page may look like the Mount’s Office 365 login page, you can see that:

  1. It does not use https, rather it uses http which is insecure
  2. The domain name of the website is galleryintl.cu.cc, which does not end in msvu.ca

LoginExample1a


Example 2

Although this form poses as an Office 365 login page, note that:

  1. The website is 123contactform.com, which is not a Microsoft nor an MSVU website.
  2. It doesn’t use Office 365 branding.
  3. Although it pretends to be a login form, it asks for your name and your UserID.
  4. Password is spelled “P-$$w0rd”.
  5. It asks for your password twice.
  6. The form doesn’t use https (a lock appears before the URL in the Edge browser when https is used).

LoginExample2jpg


Example 3

This form also poses as an Office 365 login page, but:

  1. The website, bdshelton.com, doesn’t belong to Microsoft.
  2. The button asks you to “Verify Account”, not “Sign in”.

In this case, the hacker has copied the Office 365 login page to fool you.

The Mount and Microsoft do not have account validation forms, and we never send emails asking you to validate your account.

LoginExample3