mynetx

Malicious Windows Update mails in the wild

When I opened my mail this morning, I found a message pretending to be from Microsoft.  It offered me to install a Critical Update for Microsoft Outlook / Outlook Express (KB910721), and also sent the download link.  The sender pretended to be noreply@microsoft.com… This is what the mail looked like.

Malicious mail

Now look at the real link target.

Malicious mail, link target

What does this tell us?  Watch out!  Microsoft never sends out mails containing download links to patches, security or other updates.  If you receive such a mail, declare it as Junk and delete it unseen—or, in my case, just empty the Junk mail folder.