As the security flaw of Internet Explorer was made public by Microsoft recently, scammers moved on to the offensive to take advantage of this major loophole to create a niche for their dirty work.
According to the email, “It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for update. This requires you to verify your email account being the recipient of this update. Failure to verify your records will result in account suspension. Click on the verify button below and enter your login information on the following page to Confirm your records.”
Once the recipient of the email clicks on the link, he is then taken to a fraudulent website that asks them to select their email service and then login.
Individuals who are tricked into inputting their information now provides his information to the phisher. He would then be redirected to a legitimate Microsoft support page.
According to Hoax-Slayer, “while such phishing expeditions are all too common, this one casts a wider net than most by targeting users of several well-known email service providers rather than just one. In fact, by including ‘Other emails’ as a choice on the scam website, the criminals are effectively targeting users of virtually any email service.”
If you are using Internet Explorer, be careful of scammers then!
Tech companies, including Facebook and Google are coming together to develop a system to combat scams also knows as phishing.
This scheme lures people and tricks them into giving their passwords and other personal information by sending emails that looks like legitimate. They use banks, retailers and other businesses as fronts of their dirty ways.
In order to deter such attack to their clients and members, 15 major tech and financial firms have organized a group to develop a system to authenticate emails from legit senders and blocking out fake ones. It is called the DMARC or Domain-based Message Authentication, Reporting and Conformance.
DMARC is based on existing modes of combating spam. These techniques are designed to authenticate or verify that an email is coming from an illegitimate source.
This new system seeks to address this by asking email senders and the companies to provide an email service to share information about the communiques that they are sending and receiving. Companies can also receive alerts from email providers every time somebody not authorized is using their domain name is used for fake messages.
According to Google, at least 15 percent of non-spam messages in Gmail comes from domains that are under DMARC. Adam Dawes, product manager of Google said in a blog post that, users “don’t need to worry about spoofed messages from these senders.”
He also added that, “With DMARC, large email sender can ensure that the email they send is being recognized by mail providers like Gmail as legitimate, as well as set policies so that mail providers can reject messages that try to spoof the senders’ addresses.”