A fake Microsoft email urges users to install the latest Windows update, and even links and takes them to a site which sure seems to be a real Microsoft website.....
But it isn’t. And the email actually leads to the installation of a trojan horse file. The payload file is named “Wupdate-20050401.exe", and it will turn your Windows PC into a dedicated spamming machine, at the remote beck and call of the spammer who stands ready and waiting for you to make the click which will install the Wupdate-20050401.exe file on your machine.
And reports indicate that the processes associated with Wupdate-20050401.exe are capable of taking control of 100% of your system’s processes, leaving you and your machine dead in the water.
In addition to the email looking like it comes from Microsoft, (see pic below)and offering a link to a site which looks like a Microsoft site, the timing of this email couldn’t be more perfect, as Microsoft has just announced that they in fact about to release several new patches for Windows. The new legitimate Microsoft Windows patches are due out next Tuesday.
Perhaps worst of all, the email is unlikely to be caught by spam filters, further giving it an appearance of legitimacy. “The e-mail won’t be picked up through anti-spyware software because the .exe file does not contain spyware signatures that would be used to identify it as potentially harmful,” said Martino Corbelli from SurfControl.
So what can the Windows user do to protect themselves, especially knowing that there is a legitimate update coming out in a few days? According to Graham Cluley, a senior technology consultant with Internet security firm Sophos, “Microsoft does not issue security warnings this way. They don’t send updates in an HTML format, so don’t follow the links in an e-mail.
If you want to see if an update is real, you need to go to the real Microsoft Web site and check there.”
And just so you have it handy, the URL for that real Microsoft website is at http://www.microsoft.com/security/.
No comments:
Post a Comment