Microsoft users are being targeted by malware via e-mail again. Scammers and spammers never give up, and for once the e-mail looks fairly legitimate.
Usually this kind of ‘baitware’ is riddled with terrible grammar and horrible spelling. Do make sure you brief your less security-aware friends about this one though, just in case.
Email scams are a common way to spread malware and/or steal personal information. Some great guidelines to help you protect yourself from such scams are outlined here.
We have recently found out about the latest in an ongoing string of email scams that target Microsoft customers. This particular scam contains the Backdoor:Win32/Haxdoor trojan as an attachment. We have seen a few emails targeting Microsoft customers that look like the email below:
It’s not the first time we’ve seen this attack vector used in this way, but most AV software with a recent signature file should catch this e-mail as it comes in.
It shouldn’t be a big problem for corporates.
The email is as follows:
Dear Microsoft Customer,
Please notice that Microsoft company has recently issued a Security Update
for OS Microsoft Windows. The update applies to the following OS versions:
Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium,
Microsoft Windows XP, Microsoft Windows Vista.
Please notice, that present update applies to high-priority updates
category. In order to help protect your computer against security
threats and performance problems, we strongly recommend you to
install this update.
Since public distribution of this Update through the official website
http://www.microsoft.com would have result in efficient creation of a
malicious software, we made a decision to issue an experimental private
version of an updatefor all Microsoft Windows OS users.
As your computer is set to receive notifications when new updates are
available, you have received this notice.
In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.
If nothing changes after you have run the file, probably in the settings
of your OS you have an indication to run all the updates at a background
routine. In that case, at this point the upgrade of your OS will be finished.
We apologize for any inconvenience this back order may be causing you.
Director of Security Assurance
Once again, be aware. Perhaps stick a rule in your IDS at the mail gateway so you know if this one comes in.
And do tell people about it!
Source: Microsoft Technet (Thanks Navin)
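One way to express the mail-gateway check suggested above, as an added example that is not from the original post or from Microsoft: it flags a message only when wording from the quoted lure appears together with an executable attachment. The extension list, the function names and the sample message built by `build_sample` (sender, subject, attachment name) are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Phrases copied from the lure quoted above, lower-cased for matching.
LURE_PHRASES = (
    "dear microsoft customer",
    "experimental private version",
    "run the file, that you have received along with this message",
)
# Attachment extensions Windows runs directly (assumed list, extend as needed).
EXEC_EXTENSIONS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")


def score_message(raw_bytes):
    """Return (matched_phrases, executable_attachment_names) for a raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    text_parts, executables = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            if name.lower().endswith(EXEC_EXTENSIONS):
                executables.append(name)
        elif part.get_content_maintype() == "text":
            text_parts.append(part.get_content())
    # Collapse whitespace so a phrase wrapped across lines still matches.
    body = " ".join(" ".join(text_parts).lower().split())
    return [p for p in LURE_PHRASES if p in body], executables


def is_fake_update(raw_bytes):
    """Flag mail that uses the lure wording AND carries an executable."""
    hits, executables = score_message(raw_bytes)
    return bool(hits) and bool(executables)


def build_sample(body, attachment_name=None):
    """Constructed test message; sender, subject and attachment are made up."""
    m = EmailMessage()
    m["From"] = "Security Assurance <sender@example.invalid>"
    m["Subject"] = "Security Update (constructed subject)"
    m.set_content(body)
    if attachment_name:
        m.add_attachment(b"MZ placeholder", maintype="application",
                         subtype="octet-stream", filename=attachment_name)
    return m.as_bytes()
```

Requiring both signals keeps the rule from firing on newsletters that merely quote the lure text, or on ordinary mail that happens to carry an executable.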