News

Fake Microsoft Security Update Makes Rounds

Sophos quickly warns of fake Trojan-laden e-mail disguised as Microsoft Security Bulletin update hitting inboxes.

A day after the Patch Tuesday release and in the same week Sophos announced a new partnership with Microsoft to educate and protect users from emerging IT security threats, the independent security firm announced something else Microsoft related -- or not.

The security and research firm on Wednesday afternoon indentified malicious Trojan horse-laden e-mails disguised as a notice for a "new Microsoft security update," which was supposed to coincide with the software giant's issuance of critical and important security bulletins as part of a monthly roll out cycle. The erroneous e-mails, which have the subject line "Security Update for OS Microsoft Windows," claim to have come from Steve Lipner at [email protected].

By timing an attack that comes in concert with Microsoft's real monthly patch batch, the hackers are attempting to seize on what might be the short attention span of IT pros on hectic weeks such as this one, when there are 11 fixes to consider. They also want to lure novices who might unwittingly just open the e-mail and the attachment thinking it's a regular Redmond note or newsletter.

The attachment is indentified as "high priority" and is written in the type of language reminiscent of e-mails from a "bank manager" who wants to hand over a vast fortune of a "deposed African dictator or overthrown government" with no strings attached. The fake Microsoft note begins as follows:

Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millennium, Microsoft Windows XP, Microsoft Windows Vista... ... .

Graham Cluley, senior technology consultant at Sophos, said in an e-mail statement that running the attached file would infect Windows users with the Mal/EncPK-CZ Trojan horse and give hackers control of the PC.

"It's laughable, but it's simple. Users should always visit the genuine Microsoft Website or use automatic updating processes to keep their systems current," he warned.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

comments powered by Disqus

Featured

  • Top 10 GitHub Copilot Extensions, Led by Docker and PerplexityAI

    They work in GitHub.com, the Visual Studio IDE and VS Code, where developers can access various services, perform actions and generate files without leaving those dev environments.

  • The Science Behind User Interface Design

    UI design expert Billy Hollis helps developers and designers grasp the principles of the human visual system to create interfaces that are not only functional but also intuitive and engaging.

  • Random Forest Regression and Bagging Regression Using C#

    Dr. James McCaffrey from Microsoft Research presents a complete end-to-end demonstration of the random forest regression technique (and a variant called bagging regression), where the goal is to predict a single numeric value. The demo program uses C#, but it can be easily refactored to other C-family languages.

  • Compare New GitHub Copilot Free Plan for Visual Studio/VS Code to Paid Plans

    The free plan restricts the number of completions, chat requests and access to AI models, being suitable for occasional users and small projects.

  • Diving Deep into .NET MAUI

    Ever since someone figured out that fiddling bits results in source code, developers have sought one codebase for all types of apps on all platforms, with Microsoft's latest attempt to further that effort being .NET MAUI.

Most   Popular

Subscribe on YouTube