Despite the fact that spam levels decreased by 53% in 2012 as compared to 2011, targeted spam and phishing attacks via e-mail are on the rise.
Some of these campaigns consist of emails that are so effectively crafted that they could fool even some of the more advance users, while others look so obviously fake that they are spotted by all but the most inexperienced ones.
Unfortunately, given the sheer number of Internet users, spamming and email phishing is a numbers’ game that still works for the crooks behind it. Consequently, at any given time there are seemingly hundreds of active malicious spam campaigns.
Sophos warns against a recent uptick in phishing emails purportedly coming from the “Windows Live Hotmail Team,” in which potential victims are urged to verify their email address “to avoid immediate closure”:
As you can see, recipients are urged to send over their name, username, password, date of birth and country of residence.
“Of course, Microsoft would never ask you to confirm your identity in this fashion – especially not by sending your password in an (unencrypted) email,” points out Graham Cluley, but notes that the email of the sender and the inclusion of tips on how to manage email accounts could definitely fool enough of them to make the effort worth while.