"Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides you with the latest version of the Microsoft Outlook / Outlook Express and offers the highest levels of stability and security."
I am pointing this spam/phishing attack out because I have received so many recently and they are getting past my Junkmail filter and into my Inbox. This attack does a fair job of trying to appear legitimate. You can look at the image here to see an example of these emails.
Let's examine all the clues that this email is not legitimate and the signs you could use to avoid becoming a victim:
- Microsoft Customer Support does not send emails alerting users of Critical updates to Outlook or any other product
- The URL linked in the email appears to lead to 'update.microsoft.com', but hovering over the link reveals that the true URL is 'update.microsoft.com.illihfl.com' (The ending can vary. One of my other emails ended with 'llik1i.net')
In those cases, the update might be released off schedule, but it would still be distributed via Automatic Updates and/or Windows Update. Under no circumstances would Microsoft Support send you an email with a link to the update.
Bottom line- you should avoid clicking on links in emails even if the email appears to be from Microsoft. If you are concerned that it may be legitimate, open your web browser and visit 'http://update.microsoft.com' to determine if there are any patches or updates that you should be aware of.