Sophos Cloud Optix
Beware any emails which claim to come from privacy@microsoft.com – it could be that you’re being targeted in an attack designed to steal your AOL, Gmail, Yahoo or Windows Live password.
At first glance, if you don’t look too carefully, the emails entitled “Microsoft Windows Update” may appear harmless enough. But the grammatical errors and occasional odd language should raise alarms bells that the emails may not really be from Microsoft.
Dear Windows User,
It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for daily update.This requires you to verify the Email Account. Failure to verify your records will result in account suspension. Click on the Verify button below and enter your login information on the following page to confirm your records.
VERIFY
Thank you,
Microsoft Windows Team.
If you do make the mistake of clicking on the link you are taken to a third party website (not the real Microsoft.com), where you are warned that your computer is at high risk and told to choose between logging in via Gmail, Windows Live, Yahoo or AOL.
For the benefit of this article, I chose to pretend that I wanted to log in via AOL. Surprise surprise, the web page asked me to enter my AOL username and password.
Of course, whatever I enter at this point is going to be passed straight into the hands of a cybercriminal. Once your details are in their claws, they’ll waste no time breaking into your online account, stealing information and potentially committing identity theft.
Oh, and I hope you don’t use the same password on multiple websites. Things could definitely get very ugly..
Naturally, victims of the phishing attack are oblivious to what is going on – especially as the thoughtful scammers are caring enough to redirect your browser to a genuine Microsoft webpage related to updating your Windows security.
Take care folks. Be suspicious of unsolicited emails, and always think carefully before entering your webmail passwords. If you are reckless you might be handing the keys to your online life over to a complete stranger.
Thanks to Naked Security reader Nick for drawing our attention to this threat.
how do i know that this web site is not fake too ???
Relax, it's not paranoia. They're really out to get you… 🙂
And what happens if you DID hand someone your information?
Graham,
That's very interesting, but very unlikely. I'm 99.9% convinced that that's a phished message. I've been working in the arena of Windows Security for a while now, and I'm pretty sure Microsoft doesn't do such stuff.
In my research, most recently on Active Directory Privilege Escalation, I have found that Microsoft's systems are generally open to compromise in other ways, but this seems a little far fetched.
Makes for an interesting phishing attack though.
Nik –
You do see the part where the emails "claim to come from" Microsoft? It's not Microsft doing this. I think you missed the point of the article.
Thanks, really helpful. This is exactly what we received. Will delete.
That was very helpful. Has deleted right away after doing research on this information.
It's nearly may 2013 now and apparently they've improved the scam a bit. There are no spelling errors, but for the rest it's pretty similar to what the article talks about/shows. The screen where you can choose your e-mailprovider and type in your password is also still pretty similar. So be warned; don't enter your details because – my guess is – they are still phishing for your data.
It really depresses me that i haven't received an email like this in a long time. i think the spammers hate me.