Password Phishing Scam
Home ScamsPhishing Scams Windows Email Security Update Phishing Scam

Windows Email Security Update Phishing Scam

by Brett M. Christensen


Email purporting to be from Microsoft claims that the recipient’s Windows installation records are out of date and that he or she must update email account details by clicking a “Verify” button.

Brief Analysis

The email is not from Microsoft and the claim that the user’s email account needs to be verified is untrue. The email is an attempt by online criminals to trick users into disclosing their email account login details. The criminals will subsequently use these stolen credentials to hijack the email accounts of their victims and use them for perpetrating further spam and scam campaigns.


Subject: Permanent Account Suspension

We wish to bring to your attention that your Microsoft Window Records will be suspended within the next 48hours due to failure to update your records has advised in our previous letters.

Failure to verify your accounts will lead to PERMANENT ACCOUNT SUSPENSION. You are hereby advised to verify your records immediately by clicking on the Verify button below, enter your login information on the following page to Confirm your records.

Microsoft will not be held responsible over loss of data due to your details not be updated as advised.

Thank you
Microsoft TEAM.



Subject: Windows Email Security Update

It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for update.

This requires you to verify your email account being the recipient of this update. Failure to verify your records will result in account suspension.

Click on the Verify button below and enter your login information on the following page to Confirm your records.

& nbsp; &n bsp; Click here to Update Your Windows Security

Finally, we have added a binding arbitration clause and class action waiver that affects how disputes with Microsoft will be resolved in the United States.

Thank you for using Microsoft products and services!

Microsoft respects your privacy. Please read our online Privacy Statement.
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

Microsoft Security Update Scam Email


Detailed Analysis

According to this email, which purports to be from software giant Microsoft, it has been discovered that the recipient’s Microsoft Windows installation records are out of date.

The message claims that the recipient is therefore required to verify his or her email account because “every Windows installation has to be tied to an email account for update”. The recipient is warned that failing to verify will result in the suspension of the user’s account.

However, the email is certainly not from Microsoft. And the claim that recipients must verify email account details is a lie. In fact, the email is part of a criminal campaign designed to trick people into handing over the email account login details to Internet criminals. Recipients who fall for the trick and click the link in the message will be taken to a bogus website that asks them to choose their email service, as shown in the following screenshot:

Microsoft Update Scam Website 1

If victims click one of the email options, a popup “login” box is displayed:

Microsoft Update Scam Website 2

If victims then proceed to enter their email login details and press “Sign in”, they will then be redirected to a genuine Microsoft support page. Meanwhile, their email login information will be collected by criminals and later used to login to their email accounts and use them to conduct further spam and scam campaigns.

While such phishing expeditions are all too common, this one casts a wider net than most by targeting users of several well-known email service providers rather than just one. In fact, by including “Other emails” as a choice on the scam website, the criminals are effectively targeting users of virtually any email service.
Microsoft will never send you an unsolicited email requesting you to click a link to procure a security update. Windows updates are NOT tied to a specific email address as claimed in the scam email. Always keep your Windows operating system updated via the official Windows Update system. Never click links or open attachments that claim to provide updates for your Windows operating system.

Moreover, while it is certainly a powerful and high-profile entity, Microsoft has no jurisdiction whatsoever over users of email services other than its own and would certainly not ask users to provide account login details via such an email.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,