Malware Email
Home Malware Bogus Microsoft Critical Upgrade Notification Email

Bogus Microsoft Critical Upgrade Notification Email

by Brett M. Christensen


Email purporting to be from Microsoft claims that the recipient’s operating system has a critical security issue and needs to be upgraded urgently via a link in the message. 

Brief Analysis

The email is not from Microsoft. The claim that a critical security issue has been discovered on the recipient’s computer is untrue. Those who click the link in the message will be taken to a bogus website where they may be tricked into downloading malware.


Subject: Critical Microsoft Windows Upgrade Notification

Dear Microsoft Windows User,

You are recieving this notification because the version of Microsoft Windows you are running is affected by a critical security issue.

In order to protect yourself and other users of the Microsoft Windows operating system, it is highly recommended that all customers upgrade Windows as soon as possible.

To do so, please download the KB396658 upgrade from Windows upgrade by clicking here.

We appreciate your cooperation.

Microsoft Windows Client Support Team

© 2010 Microsoft Corporation


Detailed Analysis

This email, which purports to be an official upgrade notification from Software giant Microsoft, claims that the version of Windows running on the recipient’s computer has a critical security issue that needs to be rectified as soon as possible. The message urges recipients to click a link in the email in order to download an upgrade that will fix the supposed security issue.

However, the email is not from Microsoft. The claim that a security issue has been found on the recipient’s computer is a lie designed to trick him or her into clicking the link in the bogus message.
Those who do click the link in the mistaken belief that they are required to do so in order to protect their computer will actually be taken to a bogus website that contains malware. Clicking “Upgrade” or “Update” links on the bogus website will download the malware and install it on the victim’s computer. Once installed, the malware may allow criminals access to the compromised computer, harvest sensitive personal information and/or download other malware components.

Internet criminals regularly use variations of this fake Microsoft upgrade ruse as a means of distributing malware. Any email that claims to be an upgrade, update or “patch” from Microsoft should be treated as suspicious.

If you receive such an email, do not follow any links in the message or open any attachments. Microsoft will never distribute security updates via unsolicited emails. It is important that Windows users always install genuine Microsoft security updates as soon as possible, but they should only do so via the official Microsoft update website.

In a related scam, phone scammers are posing as Microsoft tech support workers who claim that the victim’s computer has been infected with viruses or has other security problems. The bogus callers attempt to trick those they call into going to their computers and opening a website, ostensibly as part of the procedure for fixing the supposed security issue.

However, once on this website, they will be tricked into downloading and installing trojans and other malware that can allow criminals access to the compromised computer. The victim may also be tricked into parting with credit card or banking details, ostensibly in order to purchase software supposedly needed to “fix” the computer problem.

In short, Microsoft will never send you an unsolicited email informing you that you must follow a link to update your computer. Moreover, Microsoft will never call you to inform you that your computer has viruses or security issues.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,