This is a very slick scam that is so well done that it will be easy to fall for it.  Criminals have created fake emails that look as if they’re coming from Microsoft.  They’ll be titled “privacy@microsoft” as they know that kind of header will get most people’s attention.

The emails tell the recipient his computer is out of date, that “the risk is very high” and that the recipient needs to update his Microsoft Windows installation records.  How to do that?  By clicking on the “Verify” button link within the email.  Don’t do it!  The link is to a 3rd party website that is also a fake — it’s not a legitimate Microsoft website.

That 3rd party website then gives the recipient the choice of  logging in using his Gmail, or Windows Live, or Yahoo or AOL password and email address.  If you’ve gotten this far Stop!  What happens if you provide this information?  You’ve just sent it to the criminals who will use it for even more scams.  As Graham Cluley wrote, these criminals will “…waste no time breaking into your online account, stealing information and potentially committing identity theft.”( nakedsecurity.sophos.com; “Microsoft Windows Update emails try to steal your Gmail, Yahoo, AOL passwords…”, September 24).

Mr. Cluley’s article has a screen shot of one of these scam emails. Take the time to read his article and study the screen shot. He’s identified some red flags in the emails to be on the alert for — the grammatical errors and odd word and language choices.

Don’t fall for this phony privacy alert — the result will be an invasion, not protection, of your privacy.