Microsoft users are being targeted again by malware sent via e-mail. Scammers and spammers never give up, and for once the e-mail looks fairly legitimate.
Usually this kind of ‘baitware’ is riddled with terrible grammar and horrible spelling. Do make sure you brief your less security-aware friends about this, though, just in case.
Email scams are a common way to spread malware and/or steal personal information. Some great guidelines to help you protect yourself from such scams are outlined here.
We have recently found out about the latest in an ongoing string of email scams that target Microsoft customers. This particular scam contains the Backdoor:Win32/Haxdoor trojan as an attachment. We have seen a few emails targeting Microsoft customers that look like the email below:
It’s not the first time we’ve seen this attack vector used in this way, but most AV software with a recent signature file should catch this e-mail as it comes in.
It shouldn’t be a big problem for corporates.
The email is as follows:
Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update
for OS Microsoft Windows. The update applies to the following OS versions:
Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium,
Microsoft Windows XP, Microsoft Windows Vista.

Please notice, that present update applies to high-priority updates
category. In order to help protect your computer against security
threats and performance problems, we strongly recommend you to
install this update.

Since public distribution of this Update through the official website
http://www.microsoft.com would have result in efficient creation of a
malicious software, we made a decision to issue an experimental private
version of an update for all Microsoft Windows OS users.

As your computer is set to receive notifications when new updates are
available, you have received this notice.

In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.

If nothing changes after you have run the file, probably in the settings
of your OS you have an indication to run all the updates at a background
routine. In that case, at this point the upgrade of your OS will be finished.

We apologize for any inconvenience this back order may be causing you.

Thank you,
Steve Lipner
Director of Security Assurance
Microsoft Corp.
Once again, be aware: perhaps stick a rule in your IDS at the mail gateway so you know if this one comes in.
And do tell people about it!
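One way to write the mail-gateway rule suggested above, as an added example that is not part of the original post: it alerts when a message carries a directly executable attachment together with lure phrases from the quoted scam text. The extension list, the function names and the sample message builder are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Phrases taken from the scam text quoted above.
LURE_PATTERNS = {
    "claims_security_update": re.compile(r"microsoft.{0,80}security\s+update", re.I | re.S),
    "asks_to_run_attachment": re.compile(r"run\s+the\s+file.{0,60}along\s+with\s+this\s+message", re.I | re.S),
}
# Assumption: extensions treated as directly executable on Windows.
EXEC_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")

def indicators(raw: bytes) -> list:
    """Return the names of the indicators a raw RFC 5322 message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits, text = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").lower()
        if part.get_content_maintype() == "text" and not name:
            text.append(part.get_content())
            continue
        payload = part.get_payload(decode=True) or b""
        # Flag by name or by the "MZ" header of a Windows executable,
        # so a renamed attachment is still caught.
        if name.endswith(EXEC_EXT) or payload[:2] == b"MZ":
            hits.append("executable_attachment")
    body = "\n".join(text)
    hits += [n for n, rx in LURE_PATTERNS.items() if rx.search(body)]
    return sorted(set(hits))

def should_alert(raw: bytes) -> bool:
    """Alert only when an executable arrives together with the lure text."""
    found = indicators(raw)
    return "executable_attachment" in found and len(found) >= 2

def build_sample(filename: str, data: bytes) -> bytes:
    """Constructed test message; not a captured sample."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "user@example.com"
    m["Subject"] = "Security Update for OS Microsoft Windows"
    m.set_content("Please notice that Microsoft company has recently issued a "
                  "Security Update\n1. Run the file, that you have received "
                  "along with this message.\n")
    m.add_attachment(data, maintype="application", subtype="octet-stream",
                     filename=filename)
    return m.as_bytes()
```

Requiring the attachment plus at least one lure phrase keeps the rule from firing on ordinary mail that merely mentions a Microsoft security update.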
Source: Microsoft Technet (Thanks Navin)
navin says
As always
cheers :)
Morgan Storey says
It is mind-blowing that people still fall for these scams.
navin says
C’mon, today people trust Facebook with their most intimate details, and that’s a site that’s not even a decade old!! Most consider Microsoft a demigod company… so an email from them is accepted with zero logic!!
Cor-Paul says
@navin I think most current computer users have zero logic anyways :)
Gul says
Hi guys…
I think that the majority of people just don’t realize that’s just a big ‘joke’. Remind yourself of the first years of the internet: we were like children (some of us were, actually) with stars in our eyes, and a certain taste for discovering what lay in this all-new world. But we didn’t really know what would be found. Now we’ve grown up and are more prepared to face these hostile lands. But for a lot of people, it’s just like what it was for us decades ago… Plus the new bad guys, and not everyone really understands what they’re up to. “And, you know, when my computer is broken, I only need to reinstall Windows”… Yeah, they are just like us decades ago… But they don’t realize that threats are bigger, and are not just about breaking your Windows, forcing you to reinstall…
I think we really need to make them grow up a little bit. After all, now we are the veterans ;)
navin says
Duh!! But meh,
who cares about them dopes anyways?? You can take a horse to a watering hole but you can’t force it to drink water… Similarly, you can tell dopes to secure themselves a million times, but you can’t force them to act logically!!
Gul says
We just have to ‘educate’ them. Could be fun: you just take the ‘big mouths’/hierarchic superiors/etc. in a group, show them how funny it is, all the information you can gather from their social networks and with forged emails, and then make them become just a bit paranoid… Then you just have to watch how the information flows ;)
Social engineering can be used for that too ;)
goodpeople says
I agree with Gul. Education is the only solution. Plus, we have to do whatever we can at a technical level to protect our sheep.
But I fear that there will always be a market for this kind of threat.