E-mail Scammers Target Microsoft Users


Microsoft users are being targeted again by malware via e-mail. Scammers and spammers never give up, and for once the e-mail looks fairly legitimate.

Usually this kind of ‘baitware’ is riddled with terrible grammar and horrible spelling. Do make sure you brief your less security-aware friends about this, though, just in case.

Email scams are a common way to spread malware and/or steal personal information. Some great guidelines to help you protect yourself from such scams are outlined here.

We have recently found out about the latest in an ongoing string of email scams that target Microsoft customers. This particular scam contains the Backdoor:Win32/Haxdoor trojan as an attachment. We have seen a few emails targeting Microsoft customers that look like the email below:

It’s not the first time we’ve seen this attack vector used in this way, but most AV software with a recent signature file should catch this e-mail as it comes in.

It shouldn’t be a big problem for corporates.

The email is as follows:

Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update
for OS Microsoft Windows. The update applies to the following OS versions:
Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium,
Microsoft Windows XP, Microsoft Windows Vista.

Please notice, that present update applies to high-priority updates
category. In order to help protect your computer against security
threats and performance problems, we strongly recommend you to
install this update.

Since public distribution of this Update through the official website
http://www.microsoft.com would have result in efficient creation of a
malicious software, we made a decision to issue an experimental private
version of an updatefor all Microsoft Windows OS users.


As your computer is set to receive notifications when new updates are
available, you have received this notice.

In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.

If nothing changes after you have run the file, probably in the settings
of your OS you have an indication to run all the updates at a background
routine. In that case, at this point the upgrade of your OS will be finished.

We apologize for any inconvenience this back order may be causing you.

Thank you,

Steve Lipner
Director of Security Assurance
Microsoft Corp.

Once again, be aware. Perhaps stick a rule in your IDS at the mail gateway so you know if this one comes in.

And do tell people about it!
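One way to express the mail-gateway check suggested above, as an added example rather than code from the original post: it flags a message only when wording from the quoted lure coincides with an executable attachment. The function names, the extension list and the sample message are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Phrases taken from the lure text quoted in this post (lower-cased).
LURE_PHRASES = (
    "dear microsoft customer",
    "experimental private version",
    "run the file, that you have received along with this message",
)
# Assumption: extensions a gateway treats as directly executable on Windows.
EXEC_EXTENSIONS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")

def inspect_message(raw):
    """Return a list of reasons this message resembles the fake-update lure."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    body = msg.get_body(preferencelist=("plain", "html"))
    # Collapse whitespace so phrases still match across wrapped lines.
    text = " ".join(body.get_content().lower().split()) if body is not None else ""
    hits = [p for p in LURE_PHRASES if p in text]
    if hits:
        reasons.append("lure phrases: " + "; ".join(hits))
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        payload = part.get_payload(decode=True) or b""
        # "MZ" is the DOS/PE header magic; it also catches renamed executables.
        if name.endswith(EXEC_EXTENSIONS) or payload[:2] == b"MZ":
            reasons.append("executable attachment: " + (name or "<unnamed>"))
    return reasons

def should_quarantine(raw):
    """Alert only when lure wording and an executable attachment coincide."""
    reasons = inspect_message(raw)
    return (any(r.startswith("lure") for r in reasons)
            and any(r.startswith("executable") for r in reasons))

def build_sample(attachment_name, attachment_bytes):
    """Constructed test message; sender, subject and attachment are made up."""
    m = EmailMessage()
    m["From"] = "updates@example.invalid"
    m["Subject"] = "Security Update for OS Microsoft Windows"
    m.set_content("Dear Microsoft Customer,\n\nwe made a decision to issue an "
                  "experimental private\nversion of an update.\n")
    m.add_attachment(attachment_bytes, maintype="application",
                     subtype="octet-stream", filename=attachment_name)
    return m.as_bytes()
```

Requiring both signals keeps ordinary mail that merely carries an executable, or merely mentions Microsoft, out of the alert queue.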

Source: Microsoft Technet (Thanks Navin)

Posted in: Malware, Spammers & Scammers



8 Responses to E-mail Scammers Target Microsoft Users

  1. navin October 16, 2008 at 3:03 pm #

    As always
    cheers :)

  2. Morgan Storey October 17, 2008 at 1:25 am #

    It is mind-blowing that people still fall for these scams.

  3. navin October 17, 2008 at 1:23 pm #

    C’mon, today people trust Facebook with their most intimate details, and that’s a site that’s not even a decade old!! Most consider Microsoft a demigod company… so an email from them is accepted with zero logic!!

  4. Cor-Paul October 20, 2008 at 7:48 am #

    @navin I think most current computer users have zero logic anyways :)

  5. Gul October 20, 2008 at 11:57 am #

    Hi guys…

    I think that the majority of people just don’t realize that’s just a big ‘joke’. Remember the first years of the internet: we were like children (some of us were, actually) with stars in our eyes, and a certain taste for discovering what lies in the all-new world. But we didn’t really know what would be found. Now we’ve grown up and are more prepared to face these hostile lands. But for a lot of people, it’s just like what it was for us decades ago… Plus the new bad guys, and not everyone really understands what they’re up to. “And, you know, when my computer is broken, I only need to reinstall Windows”… Yeah, they are just like us decades ago… But they don’t realize that threats are bigger, and are not just about breaking your Windows, forcing you to reinstall…

    I think we really need to make them grow up a little bit. After all, now we are the veterans ;)

  6. navin October 20, 2008 at 6:28 pm #

    duh!! but meh

    Who cares about them dopes anyway?? You can take a horse to a watering hole but you can’t force it to drink water… similarly, you can tell dopes to secure themselves a million times, but you can’t force them to act logically!!

  7. Gul October 21, 2008 at 8:31 am #

    We just have to ‘educate’ them. Could be fun: you just take the ‘big mouths’/hierarchic superiors/etc. in a group, show them how funny it is, all the information you can gather from their social networks and with forged emails, and then make them become just a bit paranoid… Then, you just have to watch how the information flows ;)

    Social engineering can be used for that too ;)

  8. goodpeople October 27, 2008 at 8:20 am #

    I agree with Gul. Education is the only solution. Plus we have to do whatever we can at a technical level to protect our sheep.

    But I fear that there will always be a market for this kind of threat.