The Cybersecurity Operations Center and Information Technology’s Office 365 email team have been tracking an increase in spam email messages promoting adult websites. While spam and scam emails can come from any email domain, the messages observed in this wave all came from various senders using email addresses in Russia’s .ru domain, for example, firstname.lastname@example.org.
The subject lines of these messages vary, but all are adult themed and have a message body similar to that depicted this screenshot:
Some of these emails link to tech support scam websites, such as the one depicted below.
To protect yourself and your personal information, please don’t click any links in such email messages.
What to do if you receive spam email messages
The DoIT mail team is working on ways to reduce the number of these messages and you can help! If you receive a message like this, you can easily report it using the “report spam” feature within the Office 365 web or desktop email client. If you don’t use Outlook or can’t see the report spam button, you can forward it as an attachment to email@example.com.
If you are ever unsure whether an email message is legitimate, do not respond to it. Contact the DoIT Help Desk at 608-264-4357 for advice.
Update: some have asked why they should report these messages as spam rather than phishing, especially if the messages may include suspicious links. The Office of Cybersecurity is treating these messages as spam because they don’t display some of the classic hallmarks of phishing such as:
- Asking directly for credentials, personal information, or money
- Creating a sense of urgency about doing something
- Posing as a reputable entity