Fake E-mails Purport to be from Microsoft DCU, says Sophos
Sophos, the security company, has highlighted that Microsoft is alerting all Internauts towards being watchful of one fraudulent electronic mail asserting it has been sent from the DCU (Digital Crimes Unit) of Microsoft.
Displaying the header "Security," the spam mail tells the recipient addressed as "Dear E-mail User" that because of one fresh security flaw that hackers are exploiting for capturing his Internet credentials, Microsoft DCU this year (2013) has designed one fresh security mechanism. Consequently, all Internauts and Microsoft users need to confirm the details about personal e-mail accounts no matter what ISP alternatively host company they're utilizing. The confirmation can be done via downloading an attached file namely "Microsoft_STF," unzipping it on the user's computer desktop followed with viewing it. This'll then list the user in Microsoft's security databank, the e-mail informs while requests the person to note that incase of non-confirmation of e-mail accounts, hackers may well hijack his work or private e-mail and thus gain admission into his privileged/classified information.
There are unchangingly the logos of Microsoft and its DCU to make the e-mail more real.
But, security specialists from Sophos outline that the e-mail certainly isn't a Microsoft message, while downloading the attached file and executing it actually produces a virus onto end-users' PC. Moreover, Sophos identifies such a virus as Troj/Agent-AANA. Success of the related assault can help hackers gain hold over the infected PC or other malware to damage it, the specialists suggest.
Unfortunately, the above type of scare tricks just work as those that'll dupe some people.
Therefore, for remaining safe from such an e-mail, certain easy methods include: not following web-links or taking down attachments sent through electronic mails from unknown sources; not following web-links else taking down attachments sent through electronic mails although from known sources but appearing suspicious. Actually, the best option involves contacting the sender and verifying the e-mail from him. Regarding the above instance, factually, Microsoft includes every new listing via its Windows Update. The company won't ever dispatch customers an attachment for taking down and executing, so anyone getting such an e-mail must just erase it, the specialists conclude.
Related article: Fake-mails Troubling Credit Union Customers
» SPAMfighter News - 14-03-2013