Phishers At It Again


Hand on KeyboardYour BBB has received news of a sophisticated phishing scam purporting to be from Microsoft.  The phishing email uses the trouble Microsoft had in September with their updates—w here they were sending out updates to their updates—to trick consumers into revealing their username and password. This new phishing scam claims to be an urgent Windows error fix and at first glance it appears to be legitimate. The email says the update is required to eliminate obsolete patches, and gives a 0x700 error code. Consumers are directed to click on a link and to enter their email address and password in order to fix the error.

If you receive such an email, do not click on the link; just delete the email.

On its website, Microsoft clearly states that it “does not send unsolicited communication about security updates.” They go on to say, “Unfortunately, cybercriminals have exploited this program by sending fake security communications that appear to be from Microsoft.”

Microsoft never attaches software updates to their security communications. Instead, they refer customers to their website for information about available updates or security incidents.

Here are some tips for detecting a phishing scam email:

Spelling and bad grammar – If the email contains several spelling and grammar errors, it could be a scam.

Beware of links in email. If you see a link in a suspicious email message, don’t click on it. Instead, hover your mouse (but don’t click) over the link to see if the address matches the link that was typed in the message. Links might also lead you to .exe files. These kinds of files are known to spread malicious software.

Threats. If you ever receive a threat that your account would be closed if you didn’t respond to an email message, this would be an indication that it is a scam.

Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows. Cybercriminals also register web addresses that resemble the names of well-known companies but are slightly altered, called cybersquatting and typosquatting. For example, using www.micrsoft.com, www.micosoft.com, or www.mircosoft.com to make consumers think they are on the official Microsoft website www.microsoft.com.

For more information you can trust, visit your BBB at Evansville.bbb.org.

Related Posts:

Phishing E-mails: What To Look For

Beta Bot Malware Blocks Users Anti-Virus Programs

Protect Your Identity: Don’t Get Phished

Phishing Scheme and the National Do Not Call List


Written by

Amanda is the Director of Investigations & Information Services and is a regular contributor to the consumer education blog. She is one of our go-to colleagues for answering complex consumer inquires. Amanda also manages our charity reporting program and writes our accredited business newsletter.

1 Comments to “Phishers At It Again”

  1. clearly outnumbered says:

    Hello! Someone in my Facebook group shared this website with us so I came to give it a look.
    I’m definitely loving the information. I’m book-marking and
    will be tweeting this to my followers! Wonderful blog and excellent
    style and design.

Leave a Reply

*