Hidden Microsoft

Tyson Kopczynski

Previous Article Next Article

Fake Microsoft Update Email Scam - That almost looks professional!

How simple phishing knowledge can save you big time!

By tyson.kopczynski on Thu, 06/25/09 - 5:37am.

I do not know about you, but for the past couple of days my inbox has received several emails claiming to be from Microsoft while touting links to updates for Microsoft Outlook and Outlook Express. :>) Naturally, I clicked on those links right-away and installed me some updates (not).

However, in all honesty, I was surprised at the level of effort that the sender went through in making this phishing email look more "authentic". For example:

First, the message itself is formatted to look like a Tech Bulletin from Microsoft.
There are links within the email that link off to valid addresses on the Microsoft site.
Lastly, the sender took care in crafting the update (phishing) URL such that it almost appears to be going to update.microsoft.com and has a valid query path for the update.

In other words, at first glance, the email looks valid. And, thanks to the senders efforts within the social engineering arena. I'm sure that the number of people falling for this email is much higher than the normally lame phishing emails that are sent out. Thus, unless the email was blocked by some kind of inbound gatekeeper. It's up to the receiver to determine how to handle this email: delete it or fall into trap.

In other words, for organizations and even consumers, the best defense in this case is awareness, training, knowledge, etc. and not some fancy security software. Ah... if only all solutions were so simple.

If you like this, check out some other posts from Tyson:

Or if you want, you can also check out some of Tyson's latest publications:

Windows PowerShell Unleashed (2^ndEdition)
Windows Server 2008 Unleashed (Yes, I did help on this book)

Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet. Or, sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert)

Tags

About Hidden Microsoft

With more than ten years of experience in IT, Tyson Kopczynski has become a specialist in Active Directory, Information Assurance, Windows automation, PKI, and IT security practices. Tyson is also the founding author of the Windows PowerShell Unleashed series and has been a contributing author for such books as Microsoft Internet Security and Acceleration (ISA) Server 2006 Unleashed and Microsoft Windows Server 2008 R2 Unleashed. He has also written many detailed technical papers and guides covering various technologies. As a consultant at Convergent Computing, Tyson works with and provides feedback for next generation Microsoft technologies since their inception and has also played a key role in expanding the automation and security practices at CCO. Tyson also holds such certifications as the Certified Information Systems Security Professional (CISSP), the SANS Security Essentials Certification (GSEC) and SANS Certified Incident Handler (GCIH), and the MCTS (Application Platform, Active Directory, and Network Infrastructure).

Certifications: