Hi
all users, not every email that's signed off with "Microsoft Team"
actually comes from Microsoft. A perfect example is the latest phishing
scheme that's designed to lure victims to a malicious website by
promising them a free copy of Windows 8.
In this case, the crooks have come up with some fancy names such as "Microsoft window vital user" in an effort to make their scheme more legitimate-looking, but the notification is clearly written in haste by con artists.
Entitled "Microsoft Windows 8 Team," the emails look something like this :
"This
message is sent to you because, you are a member of the Microsoft
window vital user, to Get the new Window 8 freely and fully protected,
click the below Microsoft Window 8 premium link and submit, your info on
the webpage and click update. Window 8 Update."
Apparently, the Microsoft Windows 8 Team wants users to access a link which allegedly points to the "Windows 8 update." However, in reality, the site that hides behind the link is part of a clever phishing scam.
According to Sophos experts, those who click on it are taken to a "Webmail Verification"
site hosted on a server from Slovakia where they're asked to provide
information such as email address, username, password (twice) and domain
server name.
Considering
the fact that users can enter any email address and associated
passwords, the fraudsters seem to be willing to settle for any types of
accounts they can lay their hands on.
"If you're careless, you could have just handed over the keys to your castle to a bunch of cybercriminals," Sophos Senior Technology Consultant Graham Cluley explained.
The
expert advises users and company managers to invest in comprehensive
security solutions if they fear that they, respectively their employees,
could fall victims to such schemes.
Take Care
|
No comments:
Post a Comment