Microsoft Windows Update emails try to steal your Gmail, Yahoo, AOL passwords...

Filed Under: Featured, Microsoft, Phishing, Spam

MicrosoftBeware any emails which claim to come from privacy@microsoft.com - it could be that you're being targeted in an attack designed to steal your AOL, Gmail, Yahoo or Windows Live password.

At first glance, if you don't look too carefully, the emails entitled "Microsoft Windows Update" may appear harmless enough. But the grammatical errors and occasional odd language should raise alarms bells that the emails may not really be from Microsoft.

Is this email really from Microsoft?

Dear Windows User,
It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for daily update.

This requires you to verify the Email Account. Failure to verify your records will result in account suspension. Click on the Verify button below and enter your login information on the following page to confirm your records.

VERIFY

Thank you,

Microsoft Windows Team.

If you do make the mistake of clicking on the link you are taken to a third party website (not the real Microsoft.com), where you are warned that your computer is at high risk and told to choose between logging in via Gmail, Windows Live, Yahoo or AOL.

Phishing

For the benefit of this article, I chose to pretend that I wanted to log in via AOL. Surprise surprise, the web page asked me to enter my AOL username and password.

Phishing

Of course, whatever I enter at this point is going to be passed straight into the hands of a cybercriminal. Once your details are in their claws, they'll waste no time breaking into your online account, stealing information and potentially committing identity theft.

Oh, and I hope you don't use the same password on multiple websites. Things could definitely get very ugly..

Naturally, victims of the phishing attack are oblivious to what is going on - especially as the thoughtful scammers are caring enough to redirect your browser to a genuine Microsoft webpage related to updating your Windows security.

The attack concludes by taking the phishing victim to a genuine Microsoft webpage

Take care folks. Be suspicious of unsolicited emails, and always think carefully before entering your webmail passwords. If you are reckless you might be handing the keys to your online life over to a complete stranger.

Thanks to Naked Security reader Nick for drawing our attention to this threat.

, , , , , ,

You might like

9 Responses to Microsoft Windows Update emails try to steal your Gmail, Yahoo, AOL passwords...

  1. michael fields · 568 days ago

    how do i know that this web site is not fake too ???

    • Mark Sitkowski · 567 days ago

      Relax, it's not paranoia. They're really out to get you... :)

  2. sue · 566 days ago

    And what happens if you DID hand someone your information?

  3. Nik · 561 days ago

    Graham,

    That's very interesting, but very unlikely. I'm 99.9% convinced that that's a phished message. I've been working in the arena of Windows Security for a while now, and I'm pretty sure Microsoft doesn't do such stuff.

    In my research, most recently on Active Directory Privilege Escalation, I have found that Microsoft's systems are generally open to compromise in other ways, but this seems a little far fetched.

    Makes for an interesting phishing attack though.

    • Mama · 559 days ago

      Nik -

      You do see the part where the emails "claim to come from" Microsoft? It's not Microsft doing this. I think you missed the point of the article.

  4. Carole · 546 days ago

    Thanks, really helpful. This is exactly what we received. Will delete.

  5. Mae · 521 days ago

    That was very helpful. Has deleted right away after doing research on this information.

  6. Eslyka · 354 days ago

    It's nearly may 2013 now and apparently they've improved the scam a bit. There are no spelling errors, but for the rest it's pretty similar to what the article talks about/shows. The screen where you can choose your e-mailprovider and type in your password is also still pretty similar. So be warned; don't enter your details because - my guess is - they are still phishing for your data.

  7. It really depresses me that i haven't received an email like this in a long time. i think the spammers hate me.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.