
Microsoft Secure

Okay, so there are about a million social techniques being used in email to get your attention and entice you to click on some bad link, but since this one purports to be from Microsoft, I thought I’d post a quick warning and do a bit of digging, since it is the first of these that I’ve gotten and I received 3 variations (different alleged friends on the invite) over the weekend.

First, let’s take a quick look at the fake email.


First, note that the “From:” address isn’t even valid. If you weren’t aware, the SMTP protocol doesn’t do any validation of this field for email, so spammers (and anyone else) can put anything they want there. Since this one isn’t even valid and doesn’t have an alias with the domain, it is a definite warning signal that this is a fraudulent mail.

Next, note that I don’t know anyone named Kaylen Giles.  This is an additional warning signal.

Also note that links 3, 4 and 5 all go to real locations. Links 3 and 4 take you to Windows Live, prompt you to log in, and will take you to your profile if you do so. Link 5 takes you to the actual Microsoft privacy policy page. These real links add credibility to the email.

However, note that if you click on link 6 “View invitation”, it takes you to a link that displays on the hover as, but that is not the ultimate destination.
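The two warning signs described above (a malformed “From:” value, and links that have to be judged one by one because some of them are real) can be checked mechanically. This is an added example, not part of the original post; the allowlist, the host names and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist: hosts the claimed sender would legitimately link to.
EXPECTED_HOSTS = {"login.example.com", "privacy.example.com"}

# Constructed sample: From value with no domain, three links to expected
# hosts, and one "View invitation" link to an unrelated host.
SAMPLE = """\
From: invitations
Content-Type: text/html

<a href="https://login.example.com/profile">Your friend</a>
<a href="https://login.example.com/">Sign in</a>
<a href="https://privacy.example.com/policy">Privacy</a>
<a href="http://redirector.example.net/i?id=1">View invitation</a>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every anchor in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def from_is_wellformed(msg):
    """True only if From: parses to local@domain with a dotted domain."""
    _, addr = parseaddr(msg.get("From", ""))
    return re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", addr) is not None

def triage(raw):
    """Report From: syntax and every link whose host is not expected."""
    msg = message_from_string(raw)
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    unexpected = [(text, urlsplit(href).hostname) for href, text in collector.links
                  if urlsplit(href).hostname not in EXPECTED_HOSTS]
    return {"from_wellformed": from_is_wellformed(msg), "unexpected_links": unexpected}
```

A well-formed “From:” value still proves nothing, since the field is not validated, and a link to an expected host can still redirect elsewhere, so this only narrows down what needs a closer look.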

I created a Virtual PC (VPC) using the XP Mode image to use as a safe test environment and clicked on the link.  I expected to be attacked, but in this case ended up being redirected to a site purporting to be “Toronto Drug Store” ( – here is a screenshot:


Who knows if this is even a “valid” site for ordering Viagra?  I browsed around the site in my VPC and added some Retin-A to the shopping cart and when I went to check out, it took me to, but I stopped there.

Too risky by far.