Bogus E-mails Distribute Malware Disguised as Windows Update
Researchers at the anti-virus company Sophos caution that a fresh e-mail scam is distributing malware by attempting to pass off an AutoRun worm as an important security update for Windows.
Bearing the caption "Update your Windows," the spam mails spoof their headers so that they appear to have been sent from the address email@example.com.
The lengthy message in these spam mails asserts that Microsoft has just released an update for all Windows software, Windows 2000 included, although that OS is no longer supported.
Moreover, the spammers assert that e-mail users' PCs are configured to get online notices and that they must therefore load the so-called security update, which can be obtained from an attachment named KB453396-ENU.zi. However, the .zip file doesn't contain any update. Instead, it holds an installer that loads a PC worm, which proliferates through USB sticks and which Sophos has detected as W32/Autorun-BMF.
Additionally, because nothing is displayed when the attachment is opened, which could raise doubts in users' minds, the malware purveyors try to escape notice by asserting inside the spam mails that the attachment looks blank because the OS has chosen to execute updates in the background.
Notably, the e-mails are signed with the name of Steve Lipner, a senior member of Microsoft's security team, all to make the messages appear genuine. Mr. Lipner obviously has no role in these e-mails. Besides, Microsoft never issues security updates through e-mail attachments. Earlier attacks have also abused Mr. Lipner's name.
Graham Cluley, Senior Technology Consultant at Sophos, said that despite so much effort from the cyber-criminals towards duping gullible PC users, one might have thought that the criminals would have been more careful not to make a fundamental mistake, i.e. using firstname.lastname@example.org as the e-mail sender's address. The Sophos blog published this on January 4, 2011.
The researchers remark that crooks on the Internet are once again using their traditional ruse of disseminating malicious software in the guise of a Microsoft patch, so users must exercise utmost vigilance when handling e-mail attachments, however trustworthy their sources may seem.
» SPAMfighter News - 13-01-2011