Don’t Click That Email Link Yet. Check this first.
Here’s what happened recently to one of our clients, and how you can avoid the same thing.
Our clients were working with another company and expecting to receive some 3D render files from them. A legitimate-looking email arrived, saying the files were ready. This email linked to a file-sharing service. And everything seemed normal, until they clicked the second link, and Bitdefender blocked it. Turns out, it was a fake Microsoft 365 login page designed to steal their log in credentials. (See the image below for an example of a fake log-in page.
This kind of scam is becoming more common.
Scammers are using well-known tools like Dropbox, OneDrive and Hubdoc to trick users into thinking the email is safe, knowing email filters won’t block those domains. Then, once you click through, they hit you with a malicious second link.
Here’s how to protect yourself.
Don’t Trust a Link Just Because It’s Familiar
Scammers are getting smarter. They use legitimate services like Dropbox or OneDrive to host the first link. The real danger (the second dodgy link) is often hidden behind that.
Action Step:
Hover over any link (don’t click!) and check the address that pops up. Does it match the sender and the context of your conversation?
Double Check the Sender’s Email Address
Scammers will often spoof or slightly alter real email addresses to trick you.
Action Step:
Look carefully at the full email address. Watch out for typos, extra letters, or domain changes (like @micr0soft.com instead of @microsoft.com).
Be Suspicious of Any Request to Log In Again
You’ve already signed into your email once today—why would a file-sharing link need you to do it again?
Action Step:
If you’re asked to sign in to Microsoft 365 or Google Drive from a link in an email, stop. Open a browser yourself and go directly to the service instead of clicking the link.
Ask Yourself: Was I Expecting This?
If the message seems out of the blue or overly urgent, that’s a red flag 🚩
Action Step:
When in doubt, contact the sender directly using a method you already know (like calling their main business phone number) to confirm.
Install & Trust Your Security Software
In our client’s case, Bitdefender blocked the final step—saving them from entering their Microsoft 365 password into a fake page.
Action Step:
Make sure your antivirus software is active and up to date. It’s your last line of defence if something slips through.
BONUS TIP: Clicked Already? Do This Immediately
If you’ve clicked on something suspicious, don’t panic—act fast.
Action Steps:
- Disconnect from the internet.
- Call your IT provider immediately.
- Change any passwords you may have entered.
Still Not Sure If That Link is Safe?
If something feels off, you’re probably right to be cautious. Give our IT Support Helpline a call on 1300 799 879 and we’ll take a look.
It’s better to be safe than sorry.
