Summary: Email that appears to be from Microsoft instructs the user to download the latest version of Internet Explorer 7 by clicking a link included in the message (Full commentary below).
Status: Link leads to malware
Example:(Submitted, August 2008)
Subject: Internet Explorer 7
Download the latest version!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052
Malicious emails disguised as official Microsoft messages are currently being distributed. The messages urge recipients to click a link supposedly to download the latest version of Internet Explorer 7. However, the messages are not from Microsoft and clicking the link will not download Internet Explorer 7. Instead, those who click the link may inadvertently download and install a trojan that can modify the Windows registry and other windows files. The trojan can also connect to other malicious websites and download and install more malware components.
Those responsible for the malware emails have attempted to make the messages seem more legitimate by including seemingly official newsletter subscription details and secondary links that lead to genuine Microsoft websites. The hackers have also used a spoofed email address to make it appear that the emails originate from Microsoft.
Internet fraudsters have repeatedly attempted to trick Windows users into downloading malware by distributing fake Microsoft Update notifications via email. Microsoft does not send update notifications via unsolicited emails. Any unsolicited email claiming to be from Microsoft that instructs the recipient to click a link or open an attachment to update his or her computer should be treated as suspect. When updating your Windows based computer, always ensure that you do so via the official Windows Update website.