Microsoft’s Security blog is warning users not to click a link in an email that appears to be a notification from Windows Live, but is infact a malicious email that claims to be a friend request for Windows Live. When clicked, the email sends you to the “Toronto Drug Store.”
“First, note that the “From:” address isn’t even valid. If you weren’t aware, the SMTP protocol doesn’t do any validation of this field for email, so Spammers (and anyone) can put anything there they want. Since this one isn’t even valid and doesn’t have an alias with the domain, it is a definite warning signal that this is a fraudulent mail,” Microsoft states. So be extra careful when receiving emails like this, as it can be a surefire way to have something bad happen. Luckily, based on preliminary investigations, the link only redirects to an online pharmaceutical store (legit or not), rather than some sort of attack page.
