Scam Emails “Windows Installation Records Outdated” Making Rounds on the Internet
New scam email masquerading Microsoft saying that the recipient's windows installation records are out of fashion are presently making rounds across the internet, as per the new published by hoax-slayer dated September 19, 2012.
The mails open with the subject title: "Windows Email Security Update". Further, it notifies about outdated installation records of Microsoft Windows. It also claims that every Windows installation is required to be tied to an email account for being upgraded. It requires verification of the e-mail account for being an updated one. Incase, the records remain unverified will result in the suspension of the account. For avoiding the same, one has to click on the verification button provided below and fill in with all the login credentials on the next page and confirm all records.
By clicking the existing link, the users will be forwarded to a fraudulent website that request them to opt for other e-mail service, like yahoo mail, Gmail, AOL ,and Windows Live and then login.
If, however victims proceed to go through their email login credentials and continue pressing "Sign in", they will then be forwarded to an authentic looking support page of Microsoft.
In the meantime, all the login details earlier provided by recipients will be collected by the spammers and then be used to login and proceed in their spam campaigns. Though these types of phishing campaigns are quite common, this particular case casts a wider net compared to most of the target users of several popular e-mail service providers. Actually, by including "Other emails" as an option on the scam site, the spammers efficiently targets the users impersonally to other kind of e-mail services.
If victims then move to submit their email login details and press "Sign in", they will then be taken to a genuine Microsoft support page.
During, their email login information will be obtained by the criminals and later used to login to their email accounts and use them to execute more spam and scam campaigns. This spam casts a wider net than most by hitting users of many popular email service providers rather than one. Actually, by including "others emails" as a choice on the scam website, the criminals are effectively targeting users of other email service.
However, it is assured that Microsoft would never send you any undesirable email request to click a link to for proceeding to a security update. Updates from the Windows are not connected to an explicit email address as declared in the scam email.
On nutshell, this email scam close on heels of malicious spam email posing as Microsoft notifications about changes to Microsoft services Agreement which were caught in the first week of September 2012. The only real difference between the emails (besides from the originating source) is that all of the hyperlinks within the email were set to print to a malicious site housing the infamous Black Hole exploit kit.
Related article: Sixem Worm Striking World Cup
» SPAMfighter News - 25-09-2012
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!