I do not know about you, but for the past couple of days my inbox has received several e-mails claiming to be from Microsoft while touting links to updates for Microsoft Outlook and Outlook Express. :>) Naturally, I clicked on those links right-away and installed me some updates (not).
However, in all honesty, I was surprised at the level of effort that the sender went through in making this phishing e-mail look more "authentic". For example:
•§ First, the message itself is formatted to look like a Tech Bulletin from Microsoft.
•§ There are links within the e-mail that link off to valid addresses on the Microsoft site.
•§ Lastly, the sender took care in crafting the update (phishing) URL such that it almost appears to be going to update.microsoft.com and has a valid query path for the update.
In other words, at first glance, the e-mail looks valid. And, thanks to the sender's efforts within the social engineering arena, I'm sure that the number of people falling for this e-mail is much higher than the normally lame phishing e-mails that are sent out. Thus, unless the e-mail was blocked by some kind of inbound gatekeeper, it's up to the receiver to determine how to handle this e-mail: delete it or fall into trap.
In other words, for organizations and even consumers, the best defense in this case is awareness, training, knowledge, etc. and not some fancy security software. Ah... if only all solutions were so simple.
This story, "Don't Get Tricked by Fake Microsoft Update E-Mails" was originally published by Network World.