This is not necessarily a new scam but more cleverly designed and worded.
The email is urging the recipient to act FAST and sign-in with their email credentials with limited time to react, it stresses that your email account will be DISABLED if you don’t react. Note, it is sent with a level of urgency by using UPPERCASE subject line and noting you have until the NEXT DAY. These are all techniques used by cyber-criminals to get you to react to the message. Furthermore, you note that the email is signed by the EMAIL ADMINISTRATOR and refers to MICROSOFT to further strengthen the trustworthiness of the message and encourage users to accept the email is real.
This is a targeted scam to businesses to gain access to users email accounts by using a strategy that not only targets the individual but an entire department. By sending an email to say sales@ or info@ the cyber-criminal is targeting multiple people at the same time knowing that someone in that department may actually open and react to the email.
In the past cyber-criminals would target an individual with these kinds of scams by emailing an individuals name (say tom@, dick@ or harry@), but by targeting departmental email accounts, the cyber-criminal has a greater chance of someone within that department opening the email and clicking the links or opening the attachments.
By training staff to identify scam emails like this, would dramatically reduce the threat landscape for these emails and stop your IT infrastructure from being exploited. RLS Computer Services Ltd. can deploy systems to reduce scam emails, install malware detection systems on your PC and install countermeasures and procedures to reduce any impact if a threat was executed by an employee.
The current climate in cybercrime isn’t going to change, so stop taking unnecessary risks with your data & let us keep it safe.