Softcat warns of fake Microsoft email scam

Softcat raises the alarm about "extremely authentic-looking" spam email tricking end users

Softcat has warned the channel and its customers to be on the lookout for a spam email claiming to be from Microsoft which tricks users into downloading "extremely sophisticated" malware.

In a blog post published this morning, the reseller put its corporate customers on high alert for the dodgy email, a screenshot of which can be viewed here.

It said the sender claims to be from Microsoft's Volume Licensing Service Centre (MVLSC) and tries to lure readers in with a registration link to a Microsoft Open License, which it claims many corporate customers may have purchased.

"If users open the link, they'll be taken to a fake MVLSC login page, where they'll download a trojan file," Softcat warned. "The login page is identical to the real Microsoft page, making it even harder to detect foul play.

"The malware itself is extremely sophisticated, lying dormant for a period of time in the user's device, and users may not be aware of the infection for some time."

In a statement sent to CRN, Microsoft said:

"We would like to assure our customers that this is a fraudulent message and is not associated with Microsoft in any way.

"Email scams such as this one are unfortunately quite common, with new iterations appearing regularly. Our online guidance offers help and tips in identifying and recognising scam emails and phishing attempts. Anyone who receives this or any other fraudulent email can report it to Action Fraud."