Important Security Tip

October 22, 2009 at 5:01 PM (Internet Security)
Tags: , , , ,

I received an e-mail just now that looked VERY legit. It even came from noreply@microsoft.com

It told me that there were important updates to Microsoft Outlook that were “Critical” in nature.

Ever suspicious instead of clicking the link I went into my MS Outlook app, clicked ‘help’ then clicked ‘check for updates’. The “real” Microsoft site informed me that there were no critical updates available, just some “optional” ones. So then I took a closer look at the e-mail because usually I can tell right away. The link provided on the surface looks like it is legit. The key on any link is whatever appears after the LAST dot “.” before the “.com”. So www.fraud.nerdenterprises.com would be a location in “nerdenterprises.com”. Well looking at the link in this e-mail on the surface it looks legit because “Microsoft.com” is the last part of the link before any forward slashes “/”. So I was still puzzled until I hovered my mouse over the link (WITHOUT CLICKING ON IT). Then the “real” link appears and you will notice it is different:

Click the image for a larger version:

Notice the link in the e-mail has http://update.microsoft.com/

But when I hover over the link the box pops up and the ACTUAL URL is very different:

http://update.microsoft.com.modestftp.eu/microsoftupdate

The actual domain here is “modestftp.eu” this is clearly NOT microsoft’s website.

They ALMOST got me on this one – but you can’t put one past a REAL nerd!

Leave a Comment