On Friday, Microsoft launched Windows 8 to consumers.
Today, the experts at SophosLabs have intercepted a phishing attack which plays upon interest in the new operating system.
Here is an example email, pretending to come from "Microsoft Windows 8 Team", that was caught in our traps:
This message is sent to you because, you are a member of the Microsoft window vital user, to Get the new Window 8 freely and fully protected,
click the below Microsoft Window 8 premium link and submit, your info on the webpage and click update.Window 8 Update
(c) 2012 Microsoft Corporation
Microsoft Window 8 Team.
Clearly the cybercriminals aren't wasting any time.
Fortunately, it's hardly the most sophisticated attack in the world, but the offer of some brand new software for free may be enough to trick some people into clicking on the link.
And if you were to click on the link then you would be taken to a webpage hosted on a Slovakian web server which asks you to enter your username, password, email address and server domain name.
If you're careless, you could have just handed over the keys to your castle to a bunch of cybercriminals.
If you can't trust yourself - or (perhaps more importantly) the users in your company - not to click on links like this then it might be wise to invest in a security solution that can protect you against email and other internet attacks.
If you are considering adopting Windows 8, check out Sophos's top eight security tips for Windows 8.
Follow @gcluley
Microsoft is going to waste no time going after who ever was behind this give them a month and the persons behind this will be in prison
To be fair, Microsoft have been so desperate to shift copies of windows 8, that they have been selling upgrade copies for almost nothing. I would not be that surprised if I received a genuine email from Microsoft (or one of their resellers) offering a free upgrade if I brought a mouse or a similar cheap bit of hardware.
Wow! The sentence formation, capitalisation and punctuation in that e-mail has to be some of the worst I've ever seen! I couldn't help but laugh at the loss of the "s" from the end of "Windows". This new version, "Window", sees all but one window boarded up. Microsoft Window 8 must be a very dark operating system! =P
Free Windows 8? You would think a phishing attack would involve something that people actually wanted.
Why you don't provide more details?
Who is the message real sender?
What is the URL of the scamming site???
The message sender information is forged to be the same as the recipient.
So if your email is fred@example.com, it will appear to come from fred@example.com
Windows 8 has added defender to provide more security to windows. However if we observe the latest rating of Microsoft's IPS http://www.gartner.com/technology/reprints.do?id=... it is no where as compared to IPS provided by other security vendors.
Adding defender appears more like a publicity marketing strategy as compared to be providing real security.