From June 23 Internet users are deluged with seemingly valid messages alarming readers about a critical patch available for Microsoft Outlook and Outlook Express. They typically share one of the subjects below:
- Install Critical Update for Microsoft Outlook
- Microsoft Outlook Critical Update
- Microsoft Outlook Update
- Update for Microsoft Outlook
The subject may have a different form though. It is a typical phishing message whose job is to intercept contact information. You must NOT click the links contain in this e-mail; the message must be immediately removed.
The layout, links, and message body are designed to trick the reader into believing that it is an original message from Microsoft. Remember last time Microsoft sent you a similar message? No? Good for you, as they never do. The fix/patch/update-related information are included in an official Microsoft bulletin, and all fixes must be downloaded and installed via automatic update facility built into Windows or from Microsoft Update website that can be safely accessed by using Start menu in Windows.
The phishing message is as follows:
By clicking a link included in the message the user is transferred onto a fraudulent webpage collecting contact information.