Beware: “Account Info Change” Phishing Scam

Here is a quick reminder of the importance to ensure you are CLOSELY reading your emails and the links included in them BEFORE you click on them. This weekend I received an email with the subject “Updated Information” that said it is from “Account Info Change.” Here is an image of the mail itself:

Click image for full size

Upon first glance, it appears to be a security notice to inform me that key pieces of information on my account: “Date of Birth and Security question” have been updated. Obviously, I had not done this, so the first reaction would be, “Hey, I didn’t do that! How do I let someone know?”

Sure enough, just below that notice, it provides a convenient link that says, “reset your account password immediately” if you didn’t initiate this change and another convenient link further down to visit the “Support Center.” Now, if you did not actually read the email thoroughly and just reacted to what it said, you might quickly click on either of those links to take action against this wrongful change in your account. If you had done that, you would have been in for a surprise…

Rule #1, before clicking links to go where they want to take you, first check to see where they are actually taking you. (In scams like this one, they’re lying to you!) Take a look when I hover the cursor over the links in the mail above:

You can click the image to view it in full size. Notice that the target URL for both of the links actually goes to a supposed drug site in Russia. What do you think happens when you land on that page? Well, I can’t tell you for sure, because I’m not about to click it to find out. The unfortunate part is, there are many people who will click that, because they don’t take the time to really look at the mail and will respond to the “Alert” by clicking blindly. That, my friends, is how bad things happen!

I bring this mail to your attention because over the course of 24 hours, I received 4 of these, to various email addresses. If I’m receiving 4 of them, there are a lot of these going out to a lot of people. PLEASE do not click on them and PLEASE reach out to your clients and ensure that they remember to follow key safety guidance when reading email and surfing the web. Here are some posts I’ve shared in the past with resources for you on online safety:

• Online computer security: Protecting yourself, your kids online, your computer, and more.
• How to avoid scams that use the Microsoft name fraudulently
• Fake Hotmail alerts and support calls. Protect yourself and others!
• Tips to help stay safe online and in social media

In this day of easy access to everything through a digital connection, it is important to remember that not everything is as it seems and that not everyone is honest and forthcoming in what they say. Please protect yourself to ensure you have the best possible experience when navigating the fantastic world of cyberspace.

Did you find this information helpful? If so, you may want to make sure you are utilizing all of the areas I share information online, such as:

My Twitter account My Linkedin account My blog My Facebook page

Get the Microsoft Partner Info Mobile App and get access to the latest from all of those plus: product teams, MPN teams, Microsoft News and hundreds more resources here at Microsoft right on your phone:

Thanks again for being a reader of my blog!

Tweet this:

Thank you and have a wonderful day,

Eric Ligman – Follow me on TWITTER, LinkedIn, and RSS and see “What I’m thinking”
Director, Worldwide Partner Experience
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights

Bookmark on: MSDN , TechNet, and Expression

Technorati Tags: Microsoft,security,fake,phishing,email,links,Eric Ligman,scamming,scam,drugs,Russia,protection,cyberspace,identity theft,support,resources

del.icio.us Tags: Microsoft,security,fake,phishing,email,links,Eric Ligman,scamming,scam,drugs,Russia,protection,cyberspace,identity theft,support,resources