Bogus alert from Microsoft Digital Crimes Unit carries malware

Malware peddlers are impersonating Microsoft’s Digital Crimes Unit to convince users to download a malicious attachment and run it on their computers, warns Sophos.

The email talks about vulnerabilities, hackers, a new “security measure” developed by Microsoft, and says that all Microsoft users are “required to validate there [sic] email account information”:

Unfortunately, those who are tricked into downloading the attached Microsoft_STF_install.zip file will not get “updated on Microsoft security database,” but will be saddled with malware.

Remember: never download attachments from unsolicited emails – no matter how legitimate they look and what dire consequences they predict will happen if you don’t.

Don't miss