Phishing operations don't need to be sophisticated in order to be efficient
Security experts warn users to be on the lookout for bogus email notifications that appear to come from the Windows Live Team.Entitled “Confirmation Alert Reset (2013),” the malicious messages inform recipients that their accounts have been suspended.
“We have recently confirmed that different computers have logged onto your Hotmail and Msn account and multiple password errors have been entered. We are hereby suspending your account; as it has been used for fraudulent purposes,” the emails read.
“Now we need you to reconfirm your account information to us. Click your reply tab, fill in the columns below and send it back to us or your email account will be suspended permanently.”
Recipients are asked to reply to the email and provide personal details such as full name, username, password, date of birth and country.
To avoid raising any suspicion, the crooks have even added some pieces of advice on how to manage an email account.
As experts from security firm Sophos highlight, this particular campaign is not complex, considering that the cybercriminals aren’t relying on a dedicated phishing site to obtain the sensitive information.
However, it doesn’t necessarily need to be sophisticated in order to be efficient. That’s why users are advised never to respond to such emails.