Watch out for fake Microsoft “Security Update” email

by Alex Zaharov-Reutt

Monday, 13 October 2008

Page 1 of 3 ! Online criminals are once again trying to fool computer users into loading malware onto their computers, this time using an email with a “security update” attached, purporting to be from Microsoft. Social engineering threats that target users, rather than known or unknown flaws in operating systems and software have been on the rise for years, from the Melissa and I Love You viruses, through to promises of naked celebrities, updates for the Windows Firewall, classic banking phishing emails and now a so-called Microsoft security update. I know of one couple of that actually installed the “Windows Firewall” update that went out a few months ago, only to find their computer infected by malware that tried to get them to buy software to remove all the supposed viruses on their computer – which they then purchased using PayPal! Removing it was easy enough, they even managed to get Paypal to refund the money they’d spent on buying the dud software, which was nice to see, but it does show just how clever the online crims have become at fooling users into voluntarily loading malware onto their computers. The latest email has the subject line “Security Update for OS Microsoft Windows”, and has KB386881.exe as an attachment – a “backdoor” Trojan Horse and malware. I’m using Norton Internet Security 2009, which detected and automatically removed the attachment, telling me that KB386881.exe was really the “Infostealer” threat, thus protecting me from myself had I actually decided to install the attachment, which I would never have done. In addition, Outlook itself (along with webmail programs such as Gmail) either would have blocked the .exe attachment or in Gmail’s case used its own internal anti-virus systems to neutralise the threat, but clearly the online criminals were hoping not everyone was using suitably cautious email software or without the latest anti-virus protections. After all, only a small number of people need to be infected for the online criminals to declare success, then joining those computers to botnets, stealing personal information or doing whatever they wanted with the computers they now had under their control through malware that is effectively a Trojan Horse. So, what did the offending email actually say - and how can you easily protect yourself? Please read on to page 2. << First page <   1 2 3 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >

Visitors last 30 days Suscribers

904,266 13,751