Hi Stars,

We want to raise your security awareness about Email phishing attack which will affect our organization and your personal data.

Please find the sample phishing email for you reference:

Microsoft 365 Multi-Factor Authentication (MFA), This fraudulent email is part of a phishing campaign designed to steal sensitive login credentials and potentially compromise organization's security.

Here is how you can identify the fake emails:

Check the Sender: Verify the sender's email address. Be cautious of emails from unofficial or misspelled domains, as well as those that do not match the typical communication channels used by Microsoft or our IT department.

Examine the Message: Pay attention to the content of the email. Look for signs of phishing, such as generic greetings, urgency, spelling and grammatical errors, suspicious links or QR.

Verify the URL: Before clicking on any links, hover over them to see where they lead. Ensure that the URL begins with the Official URL, such as https://login.microsoft.com or another official Microsoft domain.

Avoid Sharing Credentials: Never share your login credentials, MFA codes, or any personal information with anyone, even if they claim to be from IT support or Microsoft. Our IT team will never request this information via email.

What to do if you receive an email that you suspect is a fake MFA request:

• Do not click any links, scan QR codes or download any attachments in the email.
• Do not reply to the email or share any information with the sender.
• Forward the suspicious email to @CapeStart ITSupport

Thanks & Regards,
SecOps Team