14 DAY TRIAL // You’re probably familiar with phone scams and other malicious attempts using Microsoft’s name to trick people into downloading infected files, but here’s a brand new attempt, this time seemingly coming from the Microsoft Digital Crimes Unit.
“Due to a new vulnerability which is exploited by hackers to steal your online details, Microsoft Digital Crimes Unit in 2013 has hereby developed a new security measure,” the mail reads.
The message then goes on to require users to download a file called Microsoft_STF_install.zip that’s supposed to validate email accounts and “prevent hackers from exploiting the new vulnerability,” but the archive is actually infected with Troj/Agent-AANA Trojan horse, according to Sophos.
“Hopefully most of you will be rightly suspicious (even if it didn't contain spelling mistakes) of the unsolicited email and too wise to blindly run a program just because of instructions which claim to come from Microsoft,” the security company adds.