Are MSN messages fake messages

Phishing: Detect and prevent attempted fraud in emails

Additional Information

This is a step-by-step article.

Problem Description

I received an email from an internet service or company asking me to change my password. How do I know if this email can be trusted?


What is phishing?

Phishing is a form of Internet fraud that aims to steal personal data such as credit card numbers, passwords, bank details or log-in data for social media services, and to misuse this data.

To do this, the fraudsters put a fake website on the Internet that looks deceptively similar to the original (such as a banking page or a login page for a social media service like Facebook). In addition, the attackers send emails to random recipients asking them to confirm or renew their login data, passwords or even TAN numbers. These emails contain links to the fake page. If users log in there with their personal data, it falls into the hands of cyber criminals. The fraudsters are then able to misuse the account information or sell it on to spammers or hackers. At first, the victim does not notice anything. After just a few weeks, however, the damage can be considerable if, for example, the fraudsters have transferred money from the victim's checking account to other accounts or misused the victim's private e-mail account to distribute spam and viruses.

Typical signs of a phishing attack via email

According to the Microsoft Security Intelligence Report of May 2011, the number of phishing attacks targeting social media services has increased tenfold (compared to the same period of the previous year). Nevertheless, observant users can protect themselves effectively and quickly expose attempted fraud.

Phishers usually advertise their deceptive websites via email, which they send indiscriminately to as many Internet users as possible. In the texts of these e-mails, users are usually asked to renew their contact data or passwords. Such a request is fundamentally suspicious. Neither Microsoft nor banks, shopping portals or auction portals will ask you by email to confirm or renew your log-in data. An e-mail is also likely to be a phishing attack if several of the following criteria apply:

1. You have never communicated with this company or institution by email before, and now you are suddenly asked to enter personal information on a website. Be skeptical. You will usually receive important documents or instructions from your bank by post and not unsolicited by e-mail. If in doubt, contact the company by telephone and have the e-mail request confirmed.

2. The email appears to come from a company based in Germany, but the text is in English. Or the text is in German, but contains clear grammatical and/or spelling errors.

3. You are not addressed by name in the mail, but with a very general form of address such as "Dear Member" or "Dear [...] customer". Please note that trustworthy e-mails have a correct salutation: in e-mails from Facebook, for example, you will be addressed with your first name (if your name is your log-in ID), in e-mails from eBay with your eBay name. If you receive an email from the Windows Live team, please make sure that your correct Live ID is included in the salutation, for example "Hello [...] @".

4. In the address line of the e-mail you can see that this e-mail was not sent to you personally, but to many hidden recipients. You can recognize this by the entry "undisclosed recipients". Completely unfamiliar names in the address line are also revealing. Legitimate e-mails do not hide their recipients.

5. Do not blindly trust the information in the sender line of the e-mail. This information can easily be falsified. However, you can easily find out where the e-mail actually came from, for example by performing the following steps in Outlook 2010: Open the suspicious e-mail in a separate window by double-clicking it (but do not open the links embedded in the e-mail!). Click File in the menu bar and then the Properties button in the middle area. In the Internet Headers section, scroll down until you see the lines that begin with "Received". These lines name the IP addresses and domains of the sending server. With this information, you cannot identify the perpetrator, but you can identify the fraud immediately. In this example, the supposed Windows Live mail comes from an Australian Internet service provider.

6. If you open an email and your first impression raises doubts about its credibility, take a closer look. Often it is small errors in the graphic design, such as incorrectly placed company logos or "faded" or outdated graphics, that indicate an attempt at fraud. You may also be able to compare the suspicious email with an authentic email from the same sender.

7. Last but not least: never follow the embedded links in suspicious emails. Instead, use the URL you know, or search Bing for the correct web address for this provider. Then mark the e-mail as junk. To do this, right-click the e-mail in Outlook 2010, point to the Junk E-Mail command on the shortcut menu, and then click Block Sender.
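
Three of the signs listed above (the "Received" lines, hidden recipients and a generic salutation) can also be checked on a saved message with a short Python script. This is an added example, not part of the original article: the message, host names and addresses are constructed, and it assumes "Received" lines in the common `from name (reverse-DNS name [IP])` form.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (reserved example domains and documentation IP ranges).
SAMPLE = """\
Received: from smtp.service.example (dsl-17.isp.example [203.0.113.25])
\tby mx.mailhost.example with ESMTP id A1; Mon, 2 May 2011 10:00:03 +0200
Received: from localhost (unknown [198.51.100.7])
\tby dsl-17.isp.example with SMTP id B2; Mon, 2 May 2011 10:00:01 +0200
From: "Account Team" <security@service.example>
To: undisclosed-recipients:;
Subject: Please confirm your password

Dear Member,
please renew your login data within 24 hours.
"""

# "from <claimed name> (<reverse-DNS name> [<IP>])" as written by Postfix-style servers.
HOP = re.compile(r"from\s+\S+\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)")
GENERIC = re.compile(r"^\s*dear\s+(member|customer|user)\b", re.I | re.M)

def received_hops(raw):
    """Return (host, ip) per Received line, newest hop first (header order)."""
    lines = message_from_string(raw).get_all("Received", [])
    return [m.groups() for m in map(HOP.search, lines) if m]

def phishing_signs(raw):
    """Return the signs from the checklist above that this message shows."""
    msg = message_from_string(raw)
    signs = []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hops = received_hops(raw)
    # Only the top Received line is written by your own provider's server;
    # the name before the parentheses and all lower lines are sender-supplied.
    if hops and domain:
        host, ip = hops[0]
        if host.lower() != domain and not host.lower().endswith("." + domain):
            signs.append(f"sent via {host} [{ip}], not {domain}")
    if "undisclosed" in msg.get("To", "").lower():
        signs.append("recipients hidden")
    if GENERIC.search(msg.get_payload()):
        signs.append("generic salutation")
    return signs

if __name__ == "__main__":
    for sign in phishing_signs(SAMPLE):
        print("-", sign)
```

A host mismatch alone is only a hint, because legitimate senders also use third-party mail services; treat it as one criterion among the several the list asks for.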

Report phishing emails in Hotmail

If you have a Windows Live account and receive a suspicious email in Hotmail that suggests a phishing attempt, let Microsoft know. This increases your protection and the security of all users.

1. In Hotmail, highlight the suspicious e-mail and then click Mark as on the menu bar.

2. Then click on Fraudulent Phishing Attempt and confirm the following security question.

Important note: You can also help the Windows Live Hotmail team fight spam. If you receive a phishing message sent from a Hotmail account, please send a full copy of the phishing mail to [email protected]. If the sender's domain is different (e.g., simply replace it and send the copy of the phishing email accordingly to [email protected] Many thanks!

Sources of information

For more useful information, see the following Microsoft Knowledge Base article:


Phishing: Detect and report attempted fraud on the web