As we begin the holiday season, we expect an upswing in the number of phishing attacks. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an email message.
We encourage you to be especially aware of email messages from what seem like legitimate companies, even those with whom you may have done business. Many phishing attacks are camouflaged in this way, but are designed to install malware on your PC.
An example of a such a malicious email is shown below. This particular attack is active right now, and we have seen it affect users within the past couple of days. It appears to be from the US Postal Service, but holds a nasty surprise for anyone that opens the attached file.
We encourage you to be cautious about opening any attachment or downloading files from any emails you receive, regardless of who sent them. Phishing attacks can be unknowingly spread by family members and co-workers, if their email account is compromised.
If you would like more information, we highly recommend you read the How to recognize phishing email messages article available on the Microsoft Safety and Security Center website.
We wish you all a happy and safe holiday season!