OFFICIAL SECURITY BLOG

Security Change Spam: “Your Hotmail Account Services Has Expired”

February 26, 2014

You may have survived the Great Hotmail to Outlook changeover of 2013, but be advised there are emails doing the rounds which want to cause a Hotmail handover of their own.

From the spam traps:

Hotmail changeover spam

The email reads as follows:

Security Change

Dear User,

All Hotmail customers have been upgraded to Outlook.com. Your Hotmail Account services has expired.

Due to our new system upgrade to Outlook. In order for it to remain active follow the link Sign in Re-activate your account to Outlook. account.live.com

Thanks,
The Microsoft account team

Clicking the link won’t immediately take potential victims to the phish, because the people behind the email managed to slightly bork the clickable link, and by “slightly bork” I mean “completely destroy”:

http://%20%20%20http// [rest of URL goes here]

Whoops.

This is what the eager link clicker will see – note the space after the “www”, which is what all that “%20%20” stuff means:

Uh oh

If they’re determined to reach the “reactivation page”, they’ll then close up that space in the web address. Of course, should they do that…

This is not going well

…they’ll find they arrive on a website entirely unrelated to anything they happen to be doing. The actual location of where our overly hopeful mail sender wanted victims to land would be here:

Got there eventually...

The URL the above page is hosted on appears to be a Sake website, so it’s quite possible they’ve been compromised and had the “Outlook” page placed there without permission.
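The link defects walked through above can be checked mechanically when triaging a reported mail: percent-encoded spaces in the host, a second "http" sitting where the host belongs, and visible text naming one domain while the href points somewhere else. The following is an added example, not code from the original post; the sample HTML, the placeholder host sake-shop.example.invalid, the finding labels and the function names are all constructed for illustration, and it assumes the visible link text was account.live.com as the email body suggests.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

DOMAIN_RE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.I)

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit_link(href, text):
    """Return findings for one anchor; an empty list means nothing suspicious."""
    findings = []
    host_raw = unquote(urlsplit(href).hostname or "")  # %20 decodes to a space
    host = host_raw.strip().lower()
    if re.search(r"\s", host_raw):
        findings.append("whitespace-in-host")
    if host in ("http", "https"):  # a second scheme landed where the host belongs
        findings.append("scheme-in-host-position")
    # Visible text that names a domain should match the real destination host.
    shown = text.lower()
    if DOMAIN_RE.match(shown) and host != shown and not host.endswith("." + shown):
        findings.append("text-host-mismatch")
    return findings

def audit_mail(html):
    """Audit every anchor in an HTML mail body; returns [(href, findings), ...]."""
    parser = AnchorCollector()
    parser.feed(html)
    parser.close()
    return [(href, audit_link(href, text)) for href, text in parser.links]

# Constructed sample mail body; sake-shop.example.invalid is a placeholder host.
SAMPLE = (
    '<a href="http://%20%20%20http//sake-shop.example.invalid/outlook/">account.live.com</a>'
    '<a href="http://sake-shop.example.invalid/outlook/">account.live.com</a>'
    '<a href="https://account.live.com/">account.live.com</a>'
)
```

The first anchor reproduces the broken link from the mail and trips all three checks, the second is the same link with the damage repaired and still fails the text-versus-host comparison, and the third is a consistent link that passes.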

For the time being, any Hotmail accounts you have will still function as normal – the only real difference is that you’re still using the Outlook URL to sign in.

Some additional good news with this one (in addition to the wonderful news that the people sending this mail can’t insert web addresses correctly) is that Outlook itself flags the message as spam and deposits it in the spam folder.

You’d really have to try hard to catch yourself out with this mail, but stranger things have happened. Don’t fall for it!

Christopher Boyd


  • https://www.facebook.com/erkfitzeby Ronda Erkfitz Eby

    I got sucked in. I know better!!!!! I’m at the “wait for 1 month” point. Haven’t gone into my e-mail since I “completed” stupid process. I’m afraid to. Don’t know what damage has been done?!?!

  • Babystang

    There is a new one circulating. How do we report this to Microsoft? Here is the email I received:
    Microsoft Account

    Dear Hotmail User,

    It has come to our notice that your account a************@hotmail.com is not yet upgraded after several notice of verification you are yet to upgrade your account.
    Kindly be informed that we’ll not be held responsible for your account deactivation once you fail to upgrade your account after this Final Warning. To remove your account from our deactivation list kindly click Upgrade now below

    To upgrade click: Upgrade Now

    Click Here To Unblock

    WARNING:ACCOUNT OWNER THAT REFUSES TO UPDATE HIS/HER ACCOUNT AFTER 3 DAYS OF RECEIVING THIS WARNING WILL LOSE HIS OR HER ACCOUNT PERMANENTLY.DO NOT IGNORE THIS NOTICE.YOU MUST FIRST MOVE THIS MESSAGE TO YOUR INBOX,SECONDLY, CLICK AT SHOW CONTENT ABOVE TO ENABLE YOU CLICK AT Outlook Windows Connector ADDRESS.

    Regards,
    Thanks for using Hotmail
    The Microsoft account team
    Copyright © 2015 Microsoft.

    © 2015 Microsoft
    Terms
    Privacy & cookies
    Developers
    English (United States)