Bogus E-Mails Purport to be Microsoft Security Patch

Security researchers recently spotted a spam mail circulating online, which apparently notifies of a security update for Microsoft's Windows OS. Computer Active published this on August 10, 2011.

Providing a web-link inside the message, the fake e-mail directs recipients that they should click it for reading the necessary details. But, on clicking, the user is taken onto a malevolent executable file, which on running drops malware on his system.

Reportedly, the message's text states that Microsoft lately issued fresh critical security update useful for all Windows editions. Users deploying this patch can safeguard their PCs from local attackers trying to hijack the systems and acquire hold over them. Thus the e-mail recipient can safeguard his own computer by loading the given patch from Microsoft, the message adds.

Moreover, the e-mail as well displays the web-link for taking down the security update. However, it exhibits several grammatical and spelling mistakes.

Meanwhile, the security investigators analyzed real-world data for electronic mail traffic, which had been gathered from more than 100,000 companies globally. The data aided in giving various information regarding worldwide security trends and threats related to e-mail as well as studying the same.

Further, according to the investigators at Microsoft, they don't know what the web-link in the e-mail is likely to do, however, they warn users against clicking on it.

The researchers remarked that cyber-criminals spewed spam mails or malware campaigns related to Microsoft and used the tactic for conning end-users who inclined to have faith in large brands. The purpose typically related to duping Internet users into taking down malware that could expose their computers to more assaults.

What's more, it isn't just the software company Microsoft that's being scammed via security update e-mails. According to investigators at security firm Sophos, bogus e-mails posing as update notices from Firefox too are doing the rounds.

Moreover, it isn't also new to have users of Microsoft software become targets of an Internet fraud. Previously this year (2011), crooks exploited people's anxiety regarding insufficient security within Microsoft's different software including Windows OS through alert messages that there was danger on their computers.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 8/20/2011