Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Fake Microsoft Critical Update

Summary:
Email claiming to be from Microsoft instructs recipients to click a link to install an "urgent" critical update for Windows computers (Full commentary below).



Status:
False

Example:(Received, February 2008)
Subject: Microsoft Critical Live Update

URGENT: Please intall critical Windows XP/2000/2003/Vista update!

[Button and link lead to bogus Microsoft Update website]

A Screen shot of the fake update email:

Fake Critical Update Message




Commentary:
A malicious email disguised as a Microsoft Windows update advisory is currently being distributed. The official looking message, which appears to be from Microsoft, instructs recipients to follow a link to obtain and install an "urgent" critical update for Windows based computers. However, the message does not originate from Microsoft nor does it link to a real Microsoft security update. Instead, it is designed to trick unwary Windows users into downloading and installing malware.

Those who fall for the ruse and follow the link in the fake update message will be taken to an equally fake Microsoft Update web page. As the following screen shot shows, the email and web page are very similar in appearance:

Bogus Microsoft Update Website
If a visitor clicks the "Urgent" button on the bogus web page, a trojan dropper will be installed on his or her computer. The trojan dropper will then install other information harvesting malware components on the infected computer.

Internet criminals have used this fake Microsoft update tactic a number of times in the past. Be very cautious of any email that claims to be an update or patch from Microsoft. Microsoft does not distribute security updates via unsolicited emails. It is important that Windows users always install genuine Microsoft security updates as soon as possible, but they should only do so via the official Microsoft update website.

If you receive an email like the one shown above, do not follow any links in the message or open any attachments.

References:
Fake Microsoft Security Patch Emails
Spotted in the Wild: Rogue Microsoft Update Site

Last updated: 8th February 2008
First published: 8th February 2008

Write-up by Brett M. Christensen