I do not know about you, but for the past couple of days my inbox has received several emails claiming to be from Microsoft while touting links to updates for Microsoft Outlook and Outlook Express. :>) Naturally, I clicked on those links right-away and installed me some updates (not).
However, in all honesty, I was surprised at the level of effort that the sender went through in making this phishing email look more "authentic". For example:
- First, the message itself is formatted to look like a Tech Bulletin from Microsoft.
- There are links within the email that link off to valid addresses on the Microsoft site.
- Lastly, the sender took care in crafting the update (phishing) URL such that it almost appears to be going to update.microsoft.com and has a valid query path for the update.
In other words, at first glance, the email looks valid. And, thanks to the senders efforts within the social engineering arena. I'm sure that the number of people falling for this email is much higher than the normally lame phishing emails that are sent out. Thus, unless the email was blocked by some kind of inbound gatekeeper. It's up to the receiver to determine how to handle this email: delete it or fall into trap.
In other words, for organizations and even consumers, the best defense in this case is awareness, training, knowledge, etc. and not some fancy security software. Ah... if only all solutions were so simple.
If you like this, check out some other posts from Tyson:
- When a computer science degree matters, and when it doesn't
- Since when did cloud computing become/need a manifesto?
- Why would one phish using a Certificate Authority (CA) as bait?
- Would I trust you, if everyone else trusted you?
- Here is a good question: Is scripting programming or just systems administration?
- PowerShell boy and the case of the missing cmdlets!
- Fun with PowerShell 2.0 Eventing!
- Creating a custom 404 page to handle link redirection for ASP.NET web applications
Or if you want, you can also check out some of Tyson's latest publications:
- Windows PowerShell Unleashed (2ndEdition)
- Windows Server 2008 Unleashed (Yes, I did help on this book)
Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet. Or, sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert)