Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 120 - November 2011 - Page 12

Bogus Windows Firewall and Security Center Update Email Links To Malware

Issue 120 Start Menu

Previous Article            Next Article

Email purporting to be from Microsoft Canada instructs recipients to click a link in order to download and install a high priority security update for the Microsoft Windows Firewall and Security Center.

Brief Analysis
The email is not from Microsoft and the link does not point to a security update. Instead, following the instructions in the message will download and install malware. Microsoft will never send security updates via an email.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 13th October 2011
First published: 13th October 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: Critical Update For Microsoft Firewall and Security Center

Dear Customer,

Please notice that Microsoft has recently issued a Security Update for Microsoft Windows Firewall and Security Center.

This Update is to prevent malicious users from getting access to your computer files by executing arbitary code on a new buffer overflow found in the windows firewall process.

This is an high-priority updates. In order to help protect your computer against security threats and malicious code.

Please follow these instructions:

1. Download the file from
[Link removed]

2. Double-click on SECURITY_FIX_4081.exe to start the update.

3. Click on *Allow Access*

This is an Automated Message produced by Microsoft Canada Co., Please Do Not Reply

Microsoft Team.

Detailed Analysis
According to this email, which claims to be from Microsoft Canada, recipients should follow a link to download a "high-priority" security update for the Microsoft Windows Firewall and Security Center. The message claims that installing the update will help protect the user's computer against "security threats and malicious code".

However, the message is certainly not from Microsoft. Clicking the link in the message will not download a security update. In fact, following the instructions in this fraudulent email will download and install malware on the recipient's computer.

This fake Microsoft security update ruse has been used by online criminals over and over again over the past several years

Microsoft will NEVER send you an unsolicited email that asks you to install a security update either by following a link or by opening an attachment. Windows users should always update their Microsoft products via Windows Update.

Bookmark and Share References
Fake Microsoft Critical Update
Internet Explorer 7 Latest Version Malware Email
Fake Microsoft Security Patch Emails
Fraudulent Email Alert Sept 29, 2011

Previous Article            Next Article

Issue 120 Start Menu

Pages in this month's issue:
  1. Facebook 'Add Pink Tinge to Your Profile' Virus Warning
  2. Hoax - UNICEF Receives 5 Euros Every Time You Share a Picture
  3. False Warnings - 'Cleaning out Friends List' Questions on Facebook Contain Viruses or are Posted by Hackers
  4. Image of Police Officer Macing a Child
  5. Hoax - SPCA South Africa is Closing Down
  6. Facebook '1 Lost Message' Pharmacy Spam Email
  7. Energy Saver Globe Warning Message - Mercury Exposure Foot Injury Images
  8. Westpac 'Quick Survey' Phishing Scam
  9. Free Heart Surgery for Children - Facebook Share
  10. Brighton Area 'Black or Dark Blue Dodge Caravan' Child Abduction Rumour
  11. Hoax Warning - 300km Winds for Johannesburg Region This Weekend
  12. Bogus Windows Firewall and Security Center Update Email Links To Malware
  13. Facebook Prayer Request For Baby Found in the Bin
  14. BlackBerry Messenger Resend to Save Account Hoax
  15. AT&T Phishing Scam
  16. Bill Cosby - 'I'm 76 and I'm Tired'
  17. Boy Shot By Step Dad Charity Hoax