http://msmvps.com/blogs/harrywaldron/archive/2009/06/22/spoofed-microsoft-outlook-critical-update-spammed-in-email.aspxAs many folks realize Microsoft does not distribute updates by email . However, Microsoft will alert users who have signed up for Patch Tuesday notifications, that new updates are available. In the links below, Trend Labs notes a highly deceptive emailenCommunityServer 2008.5 SP2 (Build: 40407.4157)http://msmvps.com/blogs/harrywaldron/archive/2009/06/22/spoofed-microsoft-outlook-critical-update-spammed-in-email.aspx#1696688Thu, 25 Jun 2009 09:08:20 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1696688Richard South<p>Thanks, that email is arriving with current (25/06/09) date.</p> <p>Your infor has allowed me to issue warning with confidence to my collegues</p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1696688" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2009/06/22/spoofed-microsoft-outlook-critical-update-spammed-in-email.aspx#1696574Wed, 24 Jun 2009 12:31:15 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1696574Filo Hirota<p>Good that I found this page. Otherwise,there is not way to know that the mail was spoofed. Is there anyway that Microsoft could alert its users of this kind of danger?</p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1696574" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2009/06/22/spoofed-microsoft-outlook-critical-update-spammed-in-email.aspx#1696394Tue, 23 Jun 2009 15:23:56 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1696394SARGE<p>Useful info.</p> <p>with regards to </p> <p>&quot;best practice of hovering over email links would reveal a different one than shown in the document.&quot;</p> <p>i noticed the real microsoft link begins:</p> <p>&quot;<a rel="nofollow" target="_new" href="http://update.microsoft.com&quot;">http://update.microsoft.com&quot;</a></p> <p>however in this instance they&#39;ve snuck in &quot;llik1i&quot; after the word microsoft. (as per below)</p> <p>&quot;<a rel="nofollow" target="_new" href="http://update.microsoft.llik1i.com&quot;">http://update.microsoft.llik1i.com&quot;</a></p> <p>i&#39;m guessing they chose l&#39;s 1&#39;s and i&#39;s as they are the thinest characters on a keyboard</p> <p>may they die horribly.</p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1696394" width="1" height="1">