Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 137 - August 2012 (2nd Edition) - Page 4

Microsoft Cyber-Crime Department Phishing Scam

Issue 137 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from the Microsoft Cyber-Crime Department claims that all email users around the world are required to validate their account by clicking a link in the message or risk having their email address deleted from the world email server.



Brief Analysis
The message is not from Microsoft. It is a phishing scam designed to trick naive Internet users into divulging their email account login details to cybercriminals.

Bookmark and Share
Detailed analysis and references below example.





Last updated: August 13, 2012
First published: August 13, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

From: Microsoft Cyber-crime Dept
Subject: Microsoft Cyber-crime Dept validate your account

Dear mail user,

As part of the security measures to secure all email users across the world,
All email users are mandated to have their account details registered as requested
by the Microsoft Cyber-crime Dept ( M C D ) . You are here by required to validate your
account within 24 hours so as not to have your email account suspended and deleted
from the world email server.

Kindly validate your email account to have your account registered,
follow d link below:
[Link Removed]

Copyright © 2012 Microsoft Inc. All rights reserved

.Microsoft Cyber Crime Department Phishing Email




Detailed Analysis
This email, which purports to be from the Microsoft Cyber-Crime Department and comes complete with a seemingly official Microsoft Digital Crimes Unit logo, claims that all email users across the world must validate their account or risk having it "suspended and deleted from the world email server". Recipients are instructed to click a link in the message in order to register and validate their email account.

However, the email is a phishing scam. It is certainly not from any entity named the Microsoft Cyber-Crime Department and has no connection with Microsoft whatsoever. The Microsoft Digital Crimes Unit is real, but its name and logo have been stolen and misused in this scam message only to make the scammer's outlandish claims seem a little more plausible.

Those who are taken in by the claims in the email and click the link as instructed will be taken to a bogus website and asked to login to their email account by supplying an email address, username and password. But, this action will not validate their accounts and avoid account suspension as expected but will instead send the submitted account credentials directly to the criminals responsible for this phishing attack. Once they have collected the submitted information, the scammers can then use it to hijack the compromised email accounts and use them to steal further information and send out more scam and spam emails to the people in the account's address book. Any emails sent from such compromised accounts will appear to have been sent by the account owners rather than by the hijackers.

Of course, any user with even a basic knowledge of computing and the Internet would quickly realize that, while Microsoft is certainly a large and powerful company, it has no jurisdiction whatsoever over email account holders that do not use Microsoft's own email services. It certainly does not hold any sort of mandate to request information from "all email users" nor does it have any authority to delete accounts at random. And, of course, there is obviously not just one "world email" server". However, while this scam email may be quite transparent to many recipients, there are still a significant number of users that are new to computers and the Internet and may be taken in by such claims. Scam attempts just as absurd as this still manage to reap new victims around the world every day.

Bookmark and Share


References

Phishing Scams - Anti-Phishing Information
Microsoft Digital Crimes Unit
Friend Stranded in Foreign Country Scam Emails
In My Opinion, Most Scam Victims are Naive, Not Stupid

Previous Article            Next Article

Issue 137 Start Menu

Pages in this issue:
  1. Anti Text-Driving Message - Car Wedged Under Truck Image
  2. Nationwide Phishing Scam Emails
  3. Faux Image - Double Sunset on Mars
  4. Microsoft Cyber-Crime Department Phishing Scam
  5. Does A Photo Depict A Puppy Being Forced to Drink Vodka?
  6. Post Circulating Claims Hotel Made Disabled US Veteran Crawl Down Stairs
  7. AFL vs NRL - Wrongdoings of Australian Members of Parliament Hoax
  8. Three.co.uk Phishing Scam
  9. Another Facebook Sick Baby Hoax - Baby With Brain Cancer
  10. Circulating Opinion Piece - 'Democratic, Republican Liberal-Progressive's Worst Nightmare'
  11. Fake Three (Or Seven) Headed Snake Image
  12. Misleading Health Advice Email - 'Mayo Clinic on Aspirin and Heart Attacks'
  13. Facebook Survey Scam - Free Argos Gift Card
  14. 'Email Deactivation Warning' Phishing Scam
  15. Anti-Obama Youtube Video Compiles Multiple Conspiracy Theories
  16. Fake AT&T Bill Emails Point To Malware
  17. Messages Claim Coca Cola to be Banned In Bolivia
  18. 'Free Apple Product' Text Message Survey Scam
  19. Circulating Warning - Facebook May Close Down Animal Rescue Account'
  20. 2012 FIFA World Cup Online Lottery Advance Fee Scam
  21. Email Claiming US Gold Medal Gymnast Gabrielle Douglas Faces Lifetime Ban Used to Spread Malware
  22. Bigpond Security Service Phishing Scam
  23. Wrestling Star John Cena is NOT Dead
  24. Hoax - NASA Predicts Total Blackout of Planet in Dec 2012
  25. Wrestling Star Undertaker is NOT Dead
  26. Colin And Chris Weir Donation Programme Advance Fee Scam
  27. US EPA Regulations Force Power Plant Closures
  28. 'View Facebook Followers' Scam Targets Twitter Users
  29. Lloyds TSB 'New Banking Authentication' Phishing Scam
  30. Faux Image - Pilots Protesting Chemtrails
  31. Telstra Bill Account Update Phishing Scam
  32. McDonald's Signboard Supporting Chick-Fil-A
  33. ABSA 'Authorized EFT Payment Received' Phishing Scam
  34. Hoax Picture - Obama Holding Phone Upside Down
  35. 'eBay Item Not Received' Phishing Scam Email
  36. Wells Fargo 'Security Check' Phishing Scam
  37. False Warnings - 'Cleaning out Friends List' Questions on Facebook Contain Viruses or are Posted by Hackers