Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 107 - October 2010 - Page 5

Pages in this month's issue:
  1. UK Pensioners v Asylum Seekers Protest Message
  2. Fake LinkedIn Invitation Emails Point to Malware
  3. Travel Warning - Khas Khas (Poppy Seed) Imprisonment in UAE
  4. Harry Potter Author J.K. Rowling Avowed Satanist Hoax
  5. Bogus Microsoft Critical Upgrade Notification Email
  6. Moon Split Miracle Chain Letter
  7. Death From Poisoned Rhino Horn Rumour
  8. Gang Initiation Warning Hoax - Infant Car Seat Left On Roadside
  9. Collapse Of 13 Story Building in China
  10. Rebirth Of The Eagle Hoax
  11. Facebook Virus Using Your Pictures Warning
  12. Kleneus66 Virus Hoax
  13. Spider Under Florida Toilet Seat Hoax
  14. Facebook Hacked 'BBC News Team' Warning Message

Issue 107 Start Menu

Previous Article            Next Article

Bogus Microsoft Critical Upgrade Notification Email

Outline
Email purporting to be from Microsoft claims that the recipient's operating system has a critical security issue and needs to be upgraded urgently via a link in the message.



Brief Analysis
The email is not from Microsoft. The claim that a critical security issue has been discovered on the recipient's computer is untrue. Those who click the link in the message will be taken to a bogus website where they may be tricked into downloading malware.

Bookmark and Share
Detailed analysis and references below example.



Last updated: 9th September 2009
First published: 9th September 2009
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Critical Microsoft Windows Upgrade Notification

Dear Microsoft Windows User,

You are recieving this notification because the version of Microsoft Windows you are running is affected by a critical security issue.

In order to protect yourself and other users of the Microsoft Windows operating system, it is highly recommended that all customers upgrade Windows as soon as possible.

To do so, please download the KB396658 upgrade from Windows upgrade by clicking here.

We appreciate your cooperation.

Regards,
Microsoft Windows Client Support Team

2010 Microsoft Corporation




Detailed Analysis
This email, which purports to be an official upgrade notification from Software giant Microsoft, claims that the version of Windows running on the recipient's computer has a critical security issue that needs to be rectified as soon as possible. The message urges recipients to click a link in the email in order to download an upgrade that will fix the supposed security issue.

However, the email is not from Microsoft. The claim that a security issue has been found on the recipient's computer is a lie designed to trick him or her into clicking the link in the bogus message.

Those who do click the link in the mistaken belief that they are required to do so in order to protect their computer will actually be taken to a bogus website that contains malware. Clicking "Upgrade" or "Update" links on the bogus website will download the malware and install it on the victim's computer. Once installed, the malware may allow criminals access to the compromised computer, harvest sensitive personal information and/or download other malware components.

Internet criminals regularly use variations of this fake Microsoft upgrade ruse as a means of distributing malware. Any email that claims to be an upgrade, update or "patch" from Microsoft should be treated as suspicious. If you receive such an email, do not follow any links in the message or open any attachments. Microsoft will never distribute security updates via unsolicited emails. It is important that Windows users always install genuine Microsoft security updates as soon as possible, but they should only do so via the official Microsoft update website.

In a related scam, phone scammers are posing as Microsoft tech support workers who claim that the victim's computer has been infected with viruses or has other security problems. The bogus callers attempt to trick those they call into going to their computers and opening a website, ostensibly as part of the procedure for fixing the supposed security issue. However, once on this website, they will be tricked into downloading and installing trojans and other malware that can allow criminals access to the compromised computer. The victim may also be tricked into parting with credit card or banking details, ostensibly in order to purchase software supposedly needed to "fix" the computer problem.

In short, Microsoft will never send you an unsolicited email informing you that you must follow a link to update your computer. Moreover, Microsoft will never call you to inform you that your computer has viruses or security issues.

Bookmark and Share References
Fake Microsoft Critical Update
Fake Microsoft Security Patch Emails
Scammers Pose as Microsoft Tech Support Workers to Hijack Computers

Previous Article            Next Article

Issue 107 Start Menu

Pages in this month's issue:
  1. UK Pensioners v Asylum Seekers Protest Message
  2. Fake LinkedIn Invitation Emails Point to Malware
  3. Travel Warning - Khas Khas (Poppy Seed) Imprisonment in UAE
  4. Harry Potter Author J.K. Rowling Avowed Satanist Hoax
  5. Bogus Microsoft Critical Upgrade Notification Email
  6. Moon Split Miracle Chain Letter
  7. Death From Poisoned Rhino Horn Rumour
  8. Gang Initiation Warning Hoax - Infant Car Seat Left On Roadside
  9. Collapse Of 13 Story Building in China
  10. Rebirth Of The Eagle Hoax
  11. Facebook Virus Using Your Pictures Warning
  12. Kleneus66 Virus Hoax
  13. Spider Under Florida Toilet Seat Hoax
  14. Facebook Hacked 'BBC News Team' Warning Message