E-mail Scammers Target Microsoft Users


Microsoft users are being targeted again by malware via e-mail. Scammers/spammers never give up, and for once the e-mail looks fairly legitimate.

Usually this kind of ‘baitware’ is riddled with terrible grammar and horrible spelling. Do make sure you brief the less security-aware friends you have about this, though, just in case.

Email scams are a common way to spread malware and/or steal personal information. Some great guidelines to help you protect yourself from such scams are outlined here.

We have recently found out about the latest in an ongoing string of email scams that target Microsoft customers. This particular scam contains the Backdoor:Win32/Haxdoor trojan as an attachment. We have seen a few emails targeting Microsoft customers that look like the email below:

It’s not the first time we’ve seen this attack vector used in this way, but most AV software with a recent signature file should catch this e-mail as it comes in.

It shouldn’t be a big problem for corporates.

The email is as follows:

Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update
for OS Microsoft Windows. The update applies to the following OS versions:
Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium,
Microsoft Windows XP, Microsoft Windows Vista.

Please notice, that present update applies to high-priority updates
category. In order to help protect your computer against security
threats and performance problems, we strongly recommend you to
install this update.

Since public distribution of this Update through the official website
http://www.microsoft.com would have result in efficient creation of a
malicious software, we made a decision to issue an experimental private
version of an updatefor all Microsoft Windows OS users.


As your computer is set to receive notifications when new updates are
available, you have received this notice.

In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.

If nothing changes after you have run the file, probably in the settings
of your OS you have an indication to run all the updates at a background
routine. In that case, at this point the upgrade of your OS will be finished.

We apologize for any inconvenience this back order may be causing you.

Thank you,

Steve Lipner
Director of Security Assurance
Microsoft Corp.

Once again be aware, perhaps stick a rule in your IDS at the mail gateway so you know if this one comes in.

And do tell people about it!
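
One way to implement the mail-gateway check suggested above, as an added example that is not part of the original post: it flags a message only when lure phrases from the quoted e-mail arrive together with an executable attachment. The extension list and the sample message (addresses, subject, attachment name) are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Phrases taken verbatim (lower-cased) from the scam e-mail quoted in the post.
LURE_PHRASES = (
    "dear microsoft customer",
    "experimental private version",
    "run the file, that you have received along with this message",
)
# Assumption: extensions treated here as directly executable on Windows.
EXEC_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def score_message(raw: bytes) -> dict:
    """Report which indicators of the fake-update lure a raw message shows."""
    msg = message_from_bytes(raw, policy=policy.default)
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content().lower() if body_part else ""
    body = " ".join(body.split())  # undo hard line wraps before matching
    phrases = [p for p in LURE_PHRASES if p in body]
    attachments = [
        part.get_filename() for part in msg.iter_attachments()
        if (part.get_filename() or "").lower().endswith(EXEC_EXTS)
    ]
    return {
        "phrases": phrases,
        "exec_attachments": attachments,
        # Flag only when lure text and an executable arrive together.
        "flag": bool(phrases) and bool(attachments),
    }


def build_sample(with_attachment: bool) -> bytes:
    """Constructed test message; addresses, subject and file name are made up."""
    m = EmailMessage()
    m["From"] = "Security Assurance <updates@example.invalid>"
    m["To"] = "user@example.invalid"
    m["Subject"] = "Security Update for OS Microsoft Windows"
    m.set_content("Dear Microsoft Customer,\n\nwe made a decision to issue an "
                  "experimental private\nversion of an update.\n1. Run the "
                  "file, that you have received along with this message.\n")
    if with_attachment:
        m.add_attachment(b"MZ constructed placeholder bytes",
                         maintype="application", subtype="octet-stream",
                         filename="UPDATE-PLACEHOLDER.exe")
    return m.as_bytes()


if __name__ == "__main__":
    print(score_message(build_sample(True)))
```

Requiring both signals keeps a newsletter that merely quotes the scam text from being flagged, while the phrase list still shows an analyst why a message matched.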

Source: Microsoft Technet (Thanks Navin)

Posted in: Malware, Spammers & Scammers


8 Responses to E-mail Scammers Target Microsoft Users

  1. navin October 16, 2008 at 3:03 pm #

    As always
    cheers :)

  2. Morgan Storey October 17, 2008 at 1:25 am #

    it is mindblowing that people still fall for these scams.

  3. navin October 17, 2008 at 1:23 pm #

    cmon, today people trust Facebook with their most intimate details, and tht’s a site tht’s not even a decade old!! Most consider Microsoft a demigod company….so an email from them is accepted with Zero logic!!

  4. Cor-Paul October 20, 2008 at 7:48 am #

    @navin I think most current computer users have zero logic anyways :)

  5. Gul October 20, 2008 at 11:57 am #

    Hi guys…

    I think that the majority of people just don’t realize that’s just a big ‘joke’. Remind yourself of the first years of the internet: we were like children (some of us were, actually) with stars in our eyes, and a certain taste to discover what lies in the all new world. But we didn’t really know what would be found. Now we’ve grown up and are more prepared to face these hostile lands. But for a lot of people, it’s just like what it was for us decades ago… Plus the new bad guys, and not everyone really understands what they’re up to. “And, you know, when my computer is broken, I only need to reinstall windows”… Yeah, they just are like us decades ago… But they didn’t realize that threats are bigger, and are not just about breaking your windows, forcing you to reinstall…

    I think we really need to make them grow up a little bit. After all, now we are the veterans ;)

  6. navin October 20, 2008 at 6:28 pm #

    duh!! but meh

    who cares bout them dopes anyways?? U can take a horse to a watering hole but u can’t force it to drink water…..similarly, u can tell dopes to secure themselves a million times, but u can’t force them to act logically!!

  7. Gul October 21, 2008 at 8:31 am #

    We just have to ‘educate’ them. Could be fun, you just take the ‘big mouths’/hierarchic superiors/etc in a group, show them how it’s funny all the information you can gather from their social networks and with forged emails and then make them become just a bit paranoid… Then, you just have to look how the information flows ;)

    Social engineering can be used for that too ;)

  8. goodpeople October 27, 2008 at 8:20 am #

    I agree with Gul. Education is the only solution. Plus that we have to do whatever we can at a technical level to protect our sheep.

    But I fear that there will always be a market for this kind of threat.