Phishing scam pose as Microsoft Windows Error Fix

If you receive an email from Microsoft you should verify the source. Cybercriminals are now sending fake emails claiming that they have an Urgent Windows Error Fix. This is a very clever trick as in the last period many windows users were urged to rollback some security update due to problems with the Microsoft patch Tuesday.

According to Sophos the phishing message include the following:

“Windows Installer package update is required to automatically eliminate obsolete patches in your sequence of patches as a report on our server indicates an error code (0x700) as a result of a failed update

Every installer sequence patch is being linked to an email account. Fill in the error code and other details to automatically fix this error”

The url in the message is obviously not leading to Microsoft website and not using encrypted HTTPS session. while it is looking for users credential to download the fake update.

msphish-form-500Screenshot for the Fake website by Sophos

For your safety make sure to never click on a link directly in the message and verify the url to be sure that it is pointing to the correct legitimate website. Use anti-spam software to reduce spam’s and phishing emails.

Share