Remember the other day when I mentioned a phishing email that was using the recent Microsoft-Skype deal to entice people to download malware?
Well now they are using the Xbox Live Rewards program and Bing to do the same thing. Check out this email I received earlier.
Looks pretty official doesn’t it? That image at the top is an actual picture that did appear on the Bing homepage plus Microsoft did begin an Xbox Live Rewards program last year and on top of that I am a member of that program.
Let me tell you that when this first hit my inbox I did not immediately react to it as a phishing attempt – I thought it might be for real.
A quick glance at the bottom half of the email showed me this:
That all looks pretty official as well. Here is what that text says:
Open to residents Xbox LIVE Rewards members who are residents of the 50 United States (including District of Columbia) aged 18 years and older. Offer ends 5/31/11. See Terms and Conditions for details.
© 2011 Microsoft Corporation. All rights reserved. This site is hosted for Microsoft by ePrize, LLC. To learn more, please read our Privacy Statement. Microsoft Corporation, One Microsoft Way, Redmond, WA 98052
More pretty official looking stuff huh?
So what caused me to pause and take a closer look? Two things.
One was the email address that it arrived addressed to. It was one I use associated with a Microsoft site I have access to but it has nothing to do with Xbox Live Rewards and Bing.
The second thing was the links behind every hyperlink, picture, Twitter, Facebook and YouTube icon. It was the same exact link for everyone one of them. No matter what I clicked in this email it would have directed me to their phishing/malware site.
So even those of us who consider ourselves tech savvy can get caught up, at least for a brief moment, by the fancy work of these spammers.
Always take a second look at things before you click a link in this type of an email. You will likely save yourself a lot of difficulty later.
Stay safe out there on the Internet.