Fuzzy Logic
Technology news and Jobs arrow Fuzzy Logic arrow Watch out for fake Microsoft “Security Update” email
Watch out for fake Microsoft “Security Update” email E-mail
by Alex Zaharov-Reutt   
Monday, 13 October 2008
Page 1 of 3
Online criminals are once again trying to fool computer users into loading malware onto their computers, this time using an email with a “security update” attached, purporting to be from Microsoft.

Register now to win a Canon EOS 500D Cannon EOS 500D Digiral SLR

Social engineering threats that target users, rather than known or unknown flaws in operating systems and software have been on the rise for years, from the Melissa and I Love You viruses, through to promises of naked celebrities, updates for the Windows Firewall, classic banking phishing emails and now a so-called Microsoft security update.

I know of one couple of that actually installed the “Windows Firewall” update that went out a few months ago, only to find their computer infected by malware that tried to get them to buy software to remove all the supposed viruses on their computer – which they then purchased using PayPal!

Removing it was easy enough, they even managed to get Paypal to refund the money they’d spent on buying the dud software, which was nice to see, but it does show just how clever the online crims have become at fooling users into voluntarily loading malware onto their computers.

The latest email has the subject line “Security Update for OS Microsoft Windows”, and has KB386881.exe as an attachment – a “backdoor” Trojan Horse and malware.

I’m using Norton Internet Security 2009, which detected and automatically removed the attachment, telling me that KB386881.exe was really the “Infostealer” threat, thus protecting me from myself had I actually decided to install the attachment, which I would never have done.

In addition, Outlook itself (along with webmail programs such as Gmail) either would have blocked the .exe attachment or in Gmail’s case used its own internal anti-virus systems to neutralise the threat, but clearly the online criminals were hoping not everyone was using suitably cautious email software or without the latest anti-virus protections.

After all, only a small number of people need to be infected for the online criminals to declare success, then joining those computers to botnets, stealing personal information or doing whatever they wanted with the computers they now had under their control through malware that is effectively a Trojan Horse.

So, what did the offending email actually say - and how can you easily protect yourself? Please read on to page 2.


<< First page <   1 2 3 Next page > Last page - Post your comment >>
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 665,005
Subscribers 14,517
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines