Fake security communications that appear to be from Microsoft

Microsoft sends e-mail messages to subscribers of our security communications when microsoft release information about a security software update or security incident. Unfortunately, malicious individuals can and have sent fake security communications that appear to be from Microsoft.

This tactic is known as spoofing.

Some of these messages lure recipients to Web sites to download spyware or other unwanted software. Others include a file attachment that contains a virus.

How to help verify the legitimacy of a security-related e-mail

If you have not signed up for any security communications from Microsoft and you receive an unexpected message about a security update, treat the message with great caution. When in doubt, delete the message and immediately check the Microsoft.com home page for the same information.

Digital signatures help make Microsoft security communications more secure

If you have signed up for security communications from Microsoft, these communications may have a digital signature attached.

To help increase your security, these communications may be signed with the Internet standard, Secure Multipurpose Internet Mail Extensions (S/MIME). S/MIME gives you added assurance that the e-mail message comes from Microsoft, has not been tampered with, and is not a fake.

More at Microsoft

Related posts

• What is a spear phishing scam (0)
• Problems in public key encryption (0)
• Digital signatures (1)