Security firm Sophos has discovered a phishing scam that targets Microsoft Windows users. The scam comes in the form of an e-mail with the subject reading: "Windows Email Security Update." The scam is designed to steal Gmail, Yahoo!, AOL, and Windows Live passwords. Here is an example of the fraudulent e-mail:
Dear Windows User,
Clicking "VERIFY" takes you to a third-party website emulating Microsoft.com. The fake Microsoft website then asks users to enter their e-mail address and password in order to receive a necessary Windows update. Protect your inbox and yourself from identity theft, and do not click any links from privacy@microsoft.com, it might be a scam.
[via Mashable]