Posts Tagged: ‘microsoft identity theft’

Scam of the day – April 4, 2013 – Microsoft Windows update scam

April 4, 2013 Posted by Steven Weisman, Esq.

Recently many people have been receiving a phony email that purports to come from Microsoft.  In fact, the email address appears as privacy@microsoft.com.  This is not, however, a legitimate email from Microsoft, but rather it is a phishing scam that is intended to get you to provide personal information such as your email provider, your username and your password.  Once this information is provided, it is used to make the responder to the email a victim of identity theft.  It also can be used to send emails from your email address to friends of yours who may trust the emails because they appear to come from you.  This enables the identity thief to send malware in emails that appear to come from you to lure your friends to download the malware by clicking on links in the emails sent using your email address.

Here is an example of the phony email currently being circulated:

“Dear Windows User,

It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for daily update.

This requires you to verify the Email Account. Failure to verify your records will result in account suspension. Click in the Verify button below and enter your login information on the following page to Confirm your records.

VERIFY

Thank you, Microsoft Windows Team.”

TIPS

Emails like this may appear to be legitimate, but as is the case in this email, the grammar is sometimes not correct.  In this particular email, capital letters are misused.  In any event you should always be skeptical of any email that requests personal information.  When in doubt, you should contact the real company, in this case Microsoft, to confirm whether or not the email is legitimate.

Scam of the day – January 4, 4013 – Internet Explorer vulnerability

January 4, 2013 Posted by Steven Weisman, Esq.

Microsoft, the maker of the Internet Explorer search engine has just issued an important security advisory (2794220) informing the public about vulnerabilities in the Internet Explorer versions 6,7 and 8.  It is important to note that Internet Explorer 9 and Internet Explorer 10 are not subject to this vulnerability.  Microsoft is presently investigating this vulnerability and has not yet determined how to respond yet.  An identity thief or hacker can presently exploit this vulnerability and, according to Microsoft, “install programs; view, change or delete data; or create new accounts with full user rights.”  This could easily then lead to your becoming a victim of identity theft.

TIPS

As I always advise it is important to keep your computer’s operating system and programs as up to date as possible.  Often new versions of programs are issued for the expressed purpose of fixing vulnerabilities that have been discovered by hackers in previous versions.