Malware attack poses as security warning from Microsoft Digital Crimes Unit

Windows users – do you take your computer’s security seriously?

If so, you might decide to take prompt action when you receive an email seemingly from the Microsoft Digital Crimes Unit.

But that would actually be a big mistake.

You may remember that the Digital Crimes Unit at Microsoft are the folks who have worked hard to bring down botnet servers, including those associated with Zeus, and investigated suspected malware authors.

Here’s what today’s spammed-out email, which uses the subject line “Security”, looks like:

Dear Email User,

Due to a new vulnerability which is exploited by hackers to steal your online details.

Microsoft Digital Crimes Unit in 2013 has hereby developed a new security measure.

All users of the Internet and Microsoft products are hereby required to validate there email account information irregardless of their Internet service provider or Host company.

To validate your email account and to prevent hackers from exploiting the new vulnerability.

Please download the "Microsoft_STF" file attached, extract the file on to your desktop and open.Once done you will updated on Microsoft security database.

Please note that if your email is not validated, your email will be at risk for hackers getting into your personal or business email account there by getting access to classified or privileged information.

2013 Microsoft Digital Crimes Unit

Attached to the email is a file called Microsoft_STF_install.zip. And, according to the above email, “all users of the internet” should run the program to validate “there” (sic) email account.

Sounds serious, right?

Well, hopefully most of you will be rightly suspicious (even if it didn’t contain spelling mistakes) of the unsolicited email and too wise to blindly run a program just because of instructions which claim to come from Microsoft.

Sophos products detect the attached file as the Troj/Agent-AANA Trojan horse.

The irony of a cybercriminal attack posing as the Microsoft Digital Crimes Unit, and using the fear of vulnerabilities and malware infection to trick users into unwittingly compromising their Windows computers, shouldn’t be lost on any of us.

Sadly, these kinds of scare tactics are exactly the kind which will fool some people.

Be careful out there.

PS. You can read about the real Microsoft Digital Crimes Unit here.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.
