Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Bogus E-mails Distribute Malware Disguised as Windows Update

Researchers at Sophos the anti-virus company caution that one fresh e-mail scam is distributing malware as it attempts at passing one AutoRun worm, which reportedly pretends to be an important security update for Windows.

Displaying the caption "Update your Windows," the spam mails spoof their headers so that they seem as being sent from the domain address, no-reply@microsoft.com.

Also, depicting a lengthy message, these spam mails assert that Microsoft has just released an update for all Windows software wherein Windows 2000 in also included albeit the particular OS isn't any longer supported.

Moreover, the spammers assert that e-mail users' PCs are configured to get online notices therefore they must load the so-called security update which can be obtained from a given attachment named KB453396-ENU.zi. But, the .zip file doesn't contain any update, rather it has an installer that loads a PC worm, which proliferates through USB sticks and which Sophos has detected as W32/Autorun-BMF.

Additionally, since on opening the attachment, nothing is exhibited that could raise doubts in the minds of users, therefore the malware purveyors try to escape notice by asserting inside the spam mails that because the OSs have chosen for executing updates behind the screen, the attachment looks blank.

Also notably, the signing name within the e-mails is Steve Lipner who's Microsoft security team's senior member, all to make the messages appear genuine. Obviously, there's no role of Mr. Lipner in these e-mails. Besides, Microsoft doesn't ever issue security updates through electronic mail attachments. Earlier too, many attacks occurred that abused Mr. Lipner's name.

Said Senior Technology Consultant Graham Cluley at Sophos, despite such a lot of effort from the cyber-criminals towards duping gullible PC-users, one might've thought that the criminals would've been more careful in not making a fundamental mistake i.e. using no-reply@microsoft.com as the e-mail sender's address. Sophos blog published this on January 4, 2011.

And while the researchers remark that crooks on the Internet are once again using their traditional ruse of disseminating malicious software in the guise of a Microsoft patch, users must exercise utter vigilance while handling e-mail attachments however trustworthy their sources may seem.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 1/13/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page