Fraudulent emails from Microsoft Canada have been making the rounds. The email contains a link to install a security update for Microsoft Windows Firewall and Security Center. Microsoft does not send security updates through email. Do not reply to this email, click on any links or fill out any online forms with your account information. Instead, please forward a copy of the email including full headers to firstname.lastname@example.org and then delete it from your Inbox or mobile phone. If you think you may have submitted your CWL or login account credentials, go to CWL myAccount and login and change your password immediately. Please remember to notify email@example.com of the possible temporary breach of your CWL account.
For your reference, a copy of the fraudulent email is included below:
From: Microsoft-Canada.Inc [mailto:firstname.lastname@example.org]
Sent: September 29, 2011 00:55
Subject: Critical Update For Microsoft Firewall MS0098
Please notice that Microsoft has recently issued a Security Update for Microsoft Windows Firewall and Security Center.
This Update is to prevent malicious users from getting access to your computer files by executing arbitary code on a new buffer overflow found in the windows firewall process.
This is an high-priority updates. In order to help protect your computer against security threats and malicious code.
Please follow these instructions:
1. Download the file from [removed]
2. Double-click on SECURITY_FIX_4899.exe to start the update.
3. Clique on *Allow Access*
This is an Automated Message produced by Microsoft Canada Co., Please Do Not Reply