Outline Email purporting to be from Microsoft claims that a new security update has been released and instructs recipients to follow a link to install the update with "just one click".
Brief Analysis
The email is not from Microsoft and the link does not lead to a security update. In fact, clicking the link will take the user to a bogus website that harbours malware. Always update your Microsoft operating system via Windows Update, not by clicking a link in an unsolicited email.
Scroll down to submit comments
Last updated: 26th April 2012
First published: 26th April 2012
Article written by Brett M. Christensen About Brett Christensen and Hoax-Slayer
Example
Subject: Security update KB971033 has been released.
Hello,
There are important steps you should take to protect yourself from online
threats such as financial crimeware and identity theft. Taking the steps
below to protect your computer not only saves you time and trouble should
something go wrong, but also ensures that you are getting the best online
experience.
There's an easy, free way to help keep your PC safer and running smoothly.
It's called Windows Update. All you have to do is turn it on, and you'll get
the latest security and other important updates from Microsoft
automatically.
Setting up Windows Update is simple: Just go to the Microsoft Update
website. If you've already got automatic updating turned on, Windows Update
in Control Panel will open and show your update status. If it's not yet
turned on, you'll be guided through the steps to do so. After that, all the
latest security and performance improvements will be installed on your PC
quickly and reliably.
We detected that you don't have installed Anti-spoofing update KB971033 from
Microsoft, this update will protect you from accessing fake pages like
phishing site by checking any accessed link without any delay in browsers
and also will fix CVE-2012-3651 (Adobe auto-downloader) exploit, you can
install it with just one click here:
[Link removed]
When you turn on automatic updating, most updates will download and install
without you having to lift a finger. But sometimes Windows Update will need
your input during an installation. In this case, you'll see an alert in the
notification area at the far right of the taskbar be sure to click it. If
you don't respond to a Windows Update alert, your PC might end up missing an
important download.
We recommend that you use automatic updating but if you choose not to, be
sure to check for updates at least once a week.
Detailed Analysis
This message, which purports to be from Microsoft, claims that the software giant has detected that the recipient does not have "Anti-spoofing update KB971033" installed. It instructs the recipient to click a link in the email to install this "security update" along with a fix for another exploit. The message also includes background information about using Windows Update and protecting oneself from crimeware and identity theft.
Ironically, the message is itself a scam designed to trick recipients into downloading "crimeware" and exposing their personal information for the use of online criminals. The message is not from Microsoft and the link does not point to a security update. Those who click the "update" link in the message will be taken to a website that harbours malware.
The scammers have attempted to make their "update" claim seem more believable by nesting it within paragraphs of legitimate security information stolen from other sources including bank websites and Microsoft itself. And, to further the illusion, the scammers have used the number of a genuine Microsoft update (KB971033).
Criminals have long used bogus security update emails to distribute malware and they are likely to continue using the tactic. In a phone based variant of the scam, criminals posing as Microsoft technicians may call you and falsely claim that they have detected errors or viruses on your computer. Microsoft will never ask users to install a security update by clicking a link or opening an attachment in an unsolicited email. Microsoft does not check your computer for errors or security issues and will never email or call you unsolicited about computer problems.
It is important that users install any legitimate updates released by Microsoft, but they should do so only via the official Windows Update website.
