Fake Microsoft patch email sends users to Trojan Horse |
 |
By Eileen Kennedy, News Writer
28 Jun 2007 | SearchWinIT.com |
|
|
Hackers are now circulating fraudulent email claiming to be patch updates from Microsoft, according to security companies and the SANS Internet Storm Center.
The deceptive email urges users to go to a fake url where they can download an "update," which is actually a Trojan Horse that could infiltrate their networks.
The center said it has received several recent reports of fake Microsoft email addressed to specific individuals at the companies where they work.
The emails claim that the recipients have been identified as users of Microsoft Genuine Software and that Outlook needs to be patched, according to the center.
The center's incident handlers said they have seen four different urls included in spam and that users are directed to the urls for updates. The email messages are reportedly rife with misspellings and use words that are similar to those that Microsoft uses but are not exactly the same.
Handlers have already submitted the malware to most antivirus vendors, according to the center.
Microsoft Internet Explorer 7 security features include anti-phishing capabilities that would alert a user who tries to click on the link of any Web site that has been designated as a threat, said Serdar Yegulalp, an author and editor of Windows Power Users Newsletter. It's likely that within half a day to a day, security vendors will update their products so they block users from accessing these sites, Yegulalp said. "But it certainly wouldn't hurt for an IT manager to inform people at large that this is a threat," Yegulalp said.
Microsoft does not usually send out random patch notices to users.
The company usually limits its updates to a group of monthly patches it announces on the second Tuesday of every month. Users can download them from Microsoft's Web site or through the company's update services.
|
