Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Bogus E-mails Distribute Malware Disguised as Windows Update

Researchers at Sophos the anti-virus company caution that one fresh e-mail scam is distributing malware as it attempts at passing one AutoRun worm, which reportedly pretends to be an important security update for Windows.

Displaying the caption "Update your Windows," the spam mails spoof their headers so that they seem as being sent from the domain address, no-reply@microsoft.com.

Also, depicting a lengthy message, these spam mails assert that Microsoft has just released an update for all Windows software wherein Windows 2000 in also included albeit the particular OS isn't any longer supported.

Moreover, the spammers assert that e-mail users' PCs are configured to get online notices therefore they must load the so-called security update which can be obtained from a given attachment named KB453396-ENU.zi. But, the .zip file doesn't contain any update, rather it has an installer that loads a PC worm, which proliferates through USB sticks and which Sophos has detected as W32/Autorun-BMF.

Additionally, since on opening the attachment, nothing is exhibited that could raise doubts in the minds of users, therefore the malware purveyors try to escape notice by asserting inside the spam mails that because the OSs have chosen for executing updates behind the screen, the attachment looks blank.

Also notably, the signing name within the e-mails is Steve Lipner who's Microsoft security team's senior member, all to make the messages appear genuine. Obviously, there's no role of Mr. Lipner in these e-mails. Besides, Microsoft doesn't ever issue security updates through electronic mail attachments. Earlier too, many attacks occurred that abused Mr. Lipner's name.

Said Senior Technology Consultant Graham Cluley at Sophos, despite such a lot of effort from the cyber-criminals towards duping gullible PC-users, one might've thought that the criminals would've been more careful in not making a fundamental mistake i.e. using no-reply@microsoft.com as the e-mail sender's address. Sophos blog published this on January 4, 2011.

And while the researchers remark that crooks on the Internet are once again using their traditional ruse of disseminating malicious software in the guise of a Microsoft patch, users must exercise utter vigilance while handling e-mail attachments however trustworthy their sources may seem.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 13-01-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next