Ian’s Password Stealer

Congratulations – you are about to be scammed by two believable sign dialogs that look like this:

This dialog always looks the same so it is easy to create in my stealing app
I had to personalise this, but as I already have his email address, that’s easy!
Cunningham & Othen users know that there should be a logo and message – so they aren’t falling for it

It takes no effort to write an app which shows the standard MS sign in, adds the name of the user to the password dialog, steals the password and then comes up with some believable error- Like “Meeting recording deleted”.

Of course, a dedicated hacker (who has specifically targeted Cuningham & Othen, could generate a dialog to match ours – but 99.999% of these attacks are random/scattergun based on knowing only your email address, so they don’t do that.