Outline

Email purporting to be from Microsoft claims that the recipient’s Windows installation records are out of date and that he or she must update email account details by clicking a “Verify” button.





Brief Analysis

The email is not from Microsoft and the claim that the user’s email account needs to be verified is untrue. The email is an attempt by online criminals to trick users into disclosing their email account login details. The criminals will subsequently use these stolen credentials to hijack the email accounts of their victims and use them for perpetrating further spam and scam campaigns.

Examples

Subject: Permanent Account Suspension We wish to bring to your attention that your Microsoft Window Records will be suspended within the next 48hours due to failure to update your records has advised in our previous letters. Failure to verify your accounts will lead to PERMANENT ACCOUNT SUSPENSION. You are hereby advised to verify your records immediately by clicking on the Verify button below, enter your login information on the following page to Confirm your records. Microsoft will not be held responsible over loss of data due to your details not be updated as advised. Thank you

Microsoft TEAM.

Subject: Windows Email Security Update It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for update. This requires you to verify your email account being the recipient of this update. Failure to verify your records will result in account suspension. Click on the Verify button below and enter your login information on the following page to Confirm your records. & nbsp; &n bsp; Click here to Update Your Windows Security Finally, we have added a binding arbitration clause and class action waiver that affects how disputes with Microsoft will be resolved in the United States. Thank you for using Microsoft products and services! Microsoft respects your privacy. Please read our online Privacy Statement.

Microsoft Corporation

One Microsoft Way

Redmond, WA 98052

Detailed Analysis

According to this email, which purports to be from software giant Microsoft, it has been discovered that the recipient’s Microsoft Windows installation records are out of date.

The message claims that the recipient is therefore required to verify his or her email account because “every Windows installation has to be tied to an email account for update”. The recipient is warned that failing to verify will result in the suspension of the user’s account.

However, the email is certainly not from Microsoft. And the claim that recipients must verify email account details is a lie. In fact, the email is part of a criminal campaign designed to trick people into handing over the email account login details to Internet criminals. Recipients who fall for the trick and click the link in the message will be taken to a bogus website that asks them to choose their email service, as shown in the following screenshot:

If victims click one of the email options, a popup “login” box is displayed:

If victims then proceed to enter their email login details and press “Sign in”, they will then be redirected to a genuine Microsoft support page. Meanwhile, their email login information will be collected by criminals and later used to login to their email accounts and use them to conduct further spam and scam campaigns.

While such phishing expeditions are all too common, this one casts a wider net than most by targeting users of several well-known email service providers rather than just one. In fact, by including “Other emails” as a choice on the scam website, the criminals are effectively targeting users of virtually any email service.







Microsoft will never send you an unsolicited email requesting you to click a link to procure a security update. Windows updates are NOT tied to a specific email address as claimed in the scam email. Always keep your Windows operating system updated via the official Windows Update system. Never click links or open attachments that claim to provide updates for your Windows operating system.

Moreover, while it is certainly a powerful and high-profile entity, Microsoft has no jurisdiction whatsoever over users of email services other than its own and would certainly not ask users to provide account login details via such an email.

Windows Email Security Update Phishing Scam was last modified: by

Related





