A screenshot of the email can be viewed here.
The sender is listed as Microsoft's Volume Licensing Service Center, and the email offers a registration link for an Open License with Microsoft – which many corporate customers may have purchased.
If users open the link, they’ll be taken to a fake Microsoft Volume License Center login page, where they’ll download a Trojan file. The login page is identical to the real Microsoft page, making it even harder to detect foul play.
The malware itself is extremely sophisticated, lying dormant for a period of time in the user’s device, and users may not be aware of the infection for some time.
Any customers who believe they may have clicked the link are advised to get in touch with your Softcat account manager or the Softcat security team for further assistance.
We would love to hear any comments you have about this article!