Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Windows Email Security Update Phishing Scam

Outline
Email purporting to be from Microsoft claims that the recipient's Windows installation records are out of date and that he or she must therefore update email account details by clicking a "Verify" button.



Brief Analysis
The email is not from Microsoft and the claim that the user's email account needs to be verified is untrue. The email is an attempt by online criminals to trick users into disclosing their email account login details. The criminals will subsequently use these stolen credentials to hijack the email accounts of their victims and use them for perpetrating further spam and scam campaigns.

Bookmark and Share
Detailed analysis and references below example.





Last updated: October 18, 2012
First published: September 19, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Examples

Subject: Permanent Account Suspension

We wish to bring to your attention that your Microsoft Window Records will be suspended within the next 48hours due to failure to update your records has advised in our previous letters.

Failure to verify your accounts will lead to PERMANENT ACCOUNT SUSPENSION. You are hereby advised to verify your records immediately by clicking on the Verify button below, enter your login information on the following page to Confirm your records.

Microsoft will not be held responsible over loss of data due to your details not be updated as advised.

Thank you
Microsoft TEAM.




Subject: Windows Email Security Update

It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for update.

This requires you to verify your email account being the recipient of this update. Failure to verify your records will result in account suspension.

Click on the Verify button below and enter your login information on the following page to Confirm your records.

& nbsp; &n bsp; Click here to Update Your Windows Security

Finally, we have added a binding arbitration clause and class action waiver that affects how disputes with Microsoft will be resolved in the United States.

Thank you for using Microsoft products and services!

Microsoft respects your privacy. Please read our online Privacy Statement.
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

Microsoft Windows Email Update Phishing Scam




Detailed Analysis
According to this email, which purports to be from software giant Microsoft, it has been discovered that the recipient's Microsoft Windows installation records are out of date . The message claims that the recipient is therefore required to verify his or her email account because "every Windows installation has to be tied to an email account for update". The recipient is warned that failing to verify will result in suspension of the user's account.

However, the email is certainly not from Microsoft. And the claim that recipients must verify email account details is a lie. In fact, the email is part of a criminal campaign designed to trick people into handing over the email account login details to Internet criminals. Recipients who fall for the trick and click the link in the message, will be taken to a bogus website that asks them to choose their email service, as shown in the following screenshot:

Microsoft upade email scam page

If victims click one of the email options, a popup "login" box is displayed:

Scam login popup

If victims then proceed to enter their email login details and press "Sign in", they will then be redirected to a genuine Microsoft support page. Meanwhile, their email login information will be collected by criminals and later used to login to their email accounts and use them to conduct further spam and scam campaigns. While such phishing expeditions are all too common, this one casts a wider net than most by targeting users of several well-known email service providers rather than just one. In fact, by including "Other emails" as a choice on the scam website, the criminals are effectively targeting users of virtually any email service.

Microsoft will never send you an unsolicited email requesting you to click a link to procure a security update. Windows updates are NOT tied to a specific email address as claimed in the scam email. Always keep your Windows operating system updated via the official Windows Update system. Never click links or open attachments that claim to provide updates for your Windows operating system. Moreover, while it is certainly a powerful and high-profile entity, Microsoft has no jurisdiction whatsoever over users of email services other than its own and would certainly not ask users to provide account login details via such an email.

Bookmark and Share

References

Friend Stranded in Foreign Country Scam Emails
Gmail Account Phishing Scam

Last updated: October 18, 2012
First published: September 19, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer