Okay, so there are about a million social techniques being used in email to get your attention and entice you to click on some bad link, but since this one purports to be from Microsoft, I thought I’d post a quick warning and do a bit of digging, since it is the first of these that I’ve gotten and I received 3 variations (different alleged friends on the invite) over the weekend.
First, let’s take a quick look at the fake email:
First, note that the “From:” address isn’t even valid. If you weren’t aware, the SMTP protocol doesn’t do any validation of this field, so spammers (and anyone else) can put anything they want there. Since this one isn’t even valid and doesn’t have an alias with the domain, it is a definite warning signal that this is a fraudulent mail.
Next, note that I don’t know anyone named Kaylen Giles. This is an additional warning signal.
However, note that if you click on link 6, “View invitation”, it takes you to a URL that displays on hover as contentmaxim.com, but that is not the ultimate destination.
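The two warning signs above (a From address with no usable alias@domain, and a link that leaves the domain the mail claims to come from) can be checked statically, as in this added example, which is not part of the original post. The sample message, the `microsoft.example` domain and all function names are constructed for illustration; the check sees only the host in the link itself, not where a redirect finally lands.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample (not the real message): the From header has a domain but
# no alias (local part), and one link leaves the domain the mail claims.
SAMPLE = """\
From: Microsoft Outlook <@microsoft.example>
Subject: Kaylen Giles sent you an invitation
Content-Type: text/html; charset="utf-8"

<html><body>
<a href="http://contentmaxim.com/">View invitation</a>
<a href="https://www.microsoft.example/privacy">Privacy</a>
</body></html>
"""

ADDR_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")  # minimal alias@domain.tld shape


class LinkHosts(HTMLParser):
    """Collect the host of every <a href=...> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            host = urlsplit(dict(attrs).get("href") or "").hostname
            if host:
                self.hosts.append(host.lower())


def check_message(raw, claimed_domain):
    """Return warning strings for a raw message that claims to come from claimed_domain."""
    msg = message_from_string(raw)
    findings = []
    # SMTP never validates From, so the receiver has to check its shape itself.
    if not ADDR_RE.match(parseaddr(msg.get("From", ""))[1]):
        findings.append("from-invalid")
    parser = LinkHosts()
    parser.feed(msg.get_payload())
    for host in parser.hosts:
        # Flag any link host that is neither the claimed domain nor a subdomain of it.
        if host != claimed_domain and not host.endswith("." + claimed_domain):
            findings.append("link-off-domain:" + host)
    return findings
```

Calling `check_message(SAMPLE, "microsoft.example")` flags both the malformed From header and the `contentmaxim.com` link, while the link under the claimed domain passes.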
I created a Virtual PC (VPC) using the XP Mode image to use as a safe test environment and clicked on the link. I expected to be attacked, but in this case ended up being redirected to a site purporting to be “Toronto Drug Store” (canadapillgroup.com) – here is a screenshot:
Who knows if this is even a “valid” site for ordering Viagra? I browsed around the site in my VPC and added some Retin-A to the shopping cart and when I went to check out, it took me to https://safeorderpage.com/cart/checkout, but I stopped there.
Too risky by far.