msecastlelogo

Amazing how blatant attempts to get your personal data can be. Here is one I recently received:

hotmail-logo

Dear Account Owner

This Email is from Hotmail Customer Care® and we are sending it to all Hotmail Accounts Owner for safety. We are having congestion due to the anonymous registration of Hotmail accounts so we are shutting down some Hotmail accounts and your account is among those to be deactivated. We are sending this email to you so that you can verify and let us know if this account is still valid? If it is, Please kindly confirm your account by first clicking on the show content link highlighted in yellow just above the subject line. The following information is needed to verify your account: Your User name, password, date of birth and your country information.

Click on the reply button and fill in your information:

* Full Name…………………………….
* Username:……………………………
* Password:…………………………….
* Date of Birth:…………………………

* Country Or Territory:………………

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences.
Warning!!! Account owner that refuses to update his/her account after 24 Hours of receiving this warning will lose his or her account permanently.

Sincerely,
The Windows Live Team

It looks official doesn’t it?  There is the MSN Hotmail logo and they even use the registered symbol in the first line to make it look even more official.

They start off with the scare tactic early by telling you your account faces a shut down if you do not reply to this email with the info they are asking for.  No one wants to lose their email account do they?

They also ask you to take the first step in verifying your account:

If it is, Please kindly confirm your account by first clicking on the show content link highlighted in yellow just above the subject line.

What they are trying to get you to do is click on this in the email:

yellowbar

By clicking this bar you will download images that are embedded in the email – even those that might be just one pixel in size and nearly invisible to you.  That may be linked to a website that ties the picture being downloaded to the email address that was used and confirms they have a current email address which makes it more valuable for spammers to sell.

Then they ask for 5 items of personal data including your password and username.  That is what they are really looking for and it is a bonus if someone also sends in their full name and birthday which could allow the spammer to possibly create fake accounts in your name on other systems.

Then they tell you afterwards that as long as you send all this data in they will be able to verify your account and all will be normal for you.

Then they hit the fear button one more time and tell you that if you fail to reply to this email after 24 hours that your account will be shut down.  Again, who wants to lose their email account?

Things to look at when you see an email like this and you want to reply:

  • Companies do not typically ask for passwords and usernames via email.
  • Did you check what email address it came in to?  If it did not come to your Hotmail account or the alternate address you provide Hotmail in your private account settings then that is a good indicator it is fake.  Why would Hotmail contact you at any other email address but the ones you gave them?
  • Check the properties of the graphics. On the original version of this email that MSN Hotmail logo was being served from a third party software site which was not associated with Microsoft or Hotmail.  Why would Microsoft need to serve logos up from anywhere but their own server?  Note: I am serving that graphic from my website in this posting as I prefer not to scrape it from the original location.
  • If your familiar with tech over the last few years you know that Hotmail is no longer called MSN Hotmail.
  • A little more subtle thing is the strange use of capitalization:
    • This Email is from
    • Hotmail Accounts Owner
    • If it is, Please kindly confirm
    • 24 Hours of receiving this

This of course is not all inclusive but I think you can get the idea about what to look for when you get these requests.

Stay safe and vigilant out there.