Malware attack poses as security warning from Microsoft Digital Crimes Unit

Windows users - do you take your computer's security seriously?

If so, you might decide to take prompt action when you receive an email seemingly from the Microsoft Digital Crimes Unit.

But that would actually be a big mistake.

You may remember that the Digital Crimes Unit at Microsoft are the folks who have worked hard to bring down botnet servers, including those associated with Zeus, and investigated suspected malware authors.

Here's what today's spammed-out email, which uses the subject line "Security", looks like:

Dear Email User,

Due to a new vulnerability which is exploited by hackers to steal your online details.

Microsoft Digital Crimes Unit in 2013 has hereby developed a new security measure.

All users of the Internet and Microsoft products are hereby required to validate there email account information irregardless of their Internet service provider or Host company.

To validate your email account and to prevent hackers from exploiting the new vulnerability.

Please download the "Microsoft_STF" file attached, extract the file on to your desktop and open.Once done you will updated on Microsoft security database.

Please note that if your email is not validated, your email will be at risk for hackers getting into your personal or business email account there by getting access to classified or privileged information.

2013 Microsoft Digital Crimes Unit

Attached to the email is a file called And, according to the above email, "all users of the internet" should run the program to validate "there" (sic) email account.

Sounds serious, right?

Well, hopefully most of you will be rightly suspicious (even if it didn't contain spelling mistakes) of the unsolicited email and too wise to blindly run a program just because of instructions which claim to come from Microsoft.

Sophos products detect the attached file as the Troj/Agent-AANA Trojan horse.

The irony of a cybercriminal attack posing as the Microsoft Digital Crimes Unit, and using the fear of vulnerabilities and malware infection to trick users into unwittingly compromising their Windows computers shouldn't be lost on any of us.

Sadly, this kind of scare tactic is exactly the kind which will fool some people.

Be careful out there.

PS. You can read about the real Microsoft Digital Crimes Unit here.

7 Responses to Malware attack poses as security warning from Microsoft Digital Crimes Unit

  1. James · 909 days ago

    Why did you filter out the from address?

  2. E.. · 909 days ago

    Another way to know this scam--- old Xp and Microsoft Logo.

  3. Nigel · 909 days ago

    The likelihood that recipients don't know enough NOT to open attachments to unsolicited messages is bad enough. Additionally, there's the unhappy fact that due to widespread illiteracy, vast numbers of people aren't even able to recognize the semantic and syntactic errors in the message---misspellings, incomplete sentences, phony words.

    I presume the authors of such spamular garbage are too stupid to know any better. But it's a doggone shame that the way the spam is written probably won't tip itself off to those who don't know that "irregardless" isn't a real word, and can't spot the other illiterate clues in the spam. Illiteracy creates victims.

  4. redwolfe_98 · 908 days ago

    for me, the very poor english used in the message would be a giveaway that the email was bogus.. i would think that the message was written by kids..

  5. Has anyone reported receiving an email similar to this from Hewlett Packard regarding printer security? I received one this morning and it has no logo and just does not look right at all... I have a $30 printer, could it be in danger of a security breach?!

  6. snert · 906 days ago

    Microsoft contacts people for one reason - as a follow-up on an issue you've contacted them about and that's it.
    I've told my friends and family this many, many times. And told them to tell everybody they can get to listen.

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley