An e-mail campaign designed to lure people to a bogus Microsoft Web site is making the rounds as part of an attempt to install a Trojan horse, antivirus company Sophos said Friday.
Attackers are sending out fake e-mails that claim to come from Microsoft's Windows Update. People who click on the link in the message are steered to a site that looks like Microsoft's security update site, where they are urged to download fake patches.
But should unsuspecting users download the bogus patches, they will infect their computers with the Troj/DSNX-05 Trojan horse, according to Sophos. That, in turn, will let the attackers remotely take control of the infected PC.
"Microsoft does not issue security warnings this way," said Graham Cluley, Sophos senior technology consultant. "They don't send updates in an HTML format, so don't follow the links in an e-mail. If you want to see if an update is real, you need to go to the real Microsoft Web site and check there."
People, however, are likely to click on the phony Microsoft update notices, given that they are making the rounds at the same time as Microsoft is poised to issue its regular monthly security update.
"Next week, Microsoft is going to release their monthly security patches. So with all the news that is out there about it, some people may be tempted to click on the (bogus) link," Cluley said.
Microsoft has posted a notice on its site saying that on Tuesday it will issue some critical patches for Windows, Office, MSN Messenger and Exchange.
The software maker is aware of the bogus e-mails, a company representative said Friday. It is encouraging people to go directly to its Web site for updates, instead of clicking on a link that purportedly takes them there. Once on the legitimate Microsoft site, they can click on the link that provides information on how to tell if a Microsoft security notice is legitimate.
Techniques like the Trojan horse e-mails are not new; malicious virus writers have in the past sent e-mails with attachments purporting to contain downloadable security updates. The Dumaru worm was one such example, Cluley said.
And in another example of attackers taking advantage of Microsoft's monthly patch cycle, malicious virus writers sent out bogus e-mails in January that claimed to come from Microsoft and that encouraged users to click on an attachment containing a Trojan horse.
The new spam e-mail started making the rounds on April 2 and continued through as late as 6 a.m. Friday PST, according to Sophos. The company noted that only 582 copies have been received, accounting for 0.04 percent of all spam that was tracked during that time by Sophos.
I got that email through my ISP's email account..First thing funny I thought of was that why would Microsoft use email to distribute patches..the file name seemed phoney..patch.exe or something when every legit patch I ever d/led had some sort of file name app and version..third I thought the email address seemed fishy since I was wondering how they got my email..
I can't believe people fall for these tricks..I guess it's the same as phishing which really wouldn't be that big of a deal if you know what to look for and if people would be more careful than clicking on everything in an email or webpage.
The fake Microsoft advisory we understand...but what about those of us that get Automatic updates loaded on to our tool bar? Should we disregard that info too?
Those also come directly from Microsoft's web site. E-mail should *always* be suspect when it comes to patches; I don't think there are any companies that e-mail either patches or advisories for patches--well, unless you've signed up for it somewhere.
If you have, only trust the ones that come from sources you know. Actually, that applies to everything computer-related--if it seems fishy, it probably is, so you should check it out first.
But automatic updates are safe--well, I should say "legitimate." Safe is another matter entirely when it comes to Microsoft patches. :)
This has been happening for more than a year. I get between two and ten of these in my junk mail every day. It's about time Microsoft made mention of this in a loud way.
*sigh*
what about those of us that get Automatic updates
loaded on to our tool bar? Should we disregard
that info too?
Where does it end?
I'm logging off NOW....