Microsoft Outlook phishing email

Posted by kent on June 25th, 2009

Trend Micro, a provider of online security, has alerted the web to a false email purporting to come from Microsoft, alerting users to a "Critical Update" to Outlook (Microsoft's email client). Their Malware Blog reports that:

All the links in the email (the links to Contact Us, Privacy Statement, Trademarks, and Terms of Use) are legitimate–except one. The URL where the “critical update” may be downloaded looks legitimate, but hovering over the hyperlink (or checking the source code of the mail) reveals a totally different destination.

The actual source of the link reveals a bogus Microsoft domain (update.microsoft.com does appear in the url, but as a subdomain of an unknown website, which is a common phishing trick). So, if this email finds its way to your mailbox, send it to the trash. Legitimate patches and updates come from the Windows Update control panel (assuming you have it set up) or from Microsoft.com's update site.

To find out about Trend Micro's security software and how it compares to other offerings, check out our Internet security software reviews.

• Type carefully when looking for a free credit report
• How do I login to my Identity Guard account?
• Data Breach Alert: Health insurer exposes personal information of 128,000 customers
• Will online backup services also backup a virus or spyware?
• Malicious hack impacts 2.2 million shortened URLs