Fake Microsoft patch email sends users to Trojan Horse

Eileen Kennedy, News Writer

Hackers are now circulating fraudulent email claiming to be patch updates from Microsoft, according to security companies and the SANS Internet Storm Center.

The deceptive email urges users

Requires Free Membership to View

to go to a fake url where they can download an "update," which is actually a Trojan Horse that could infiltrate their networks.

The center said it has received several recent reports of fake Microsoft email addressed to specific individuals at the companies where they work.

The emails claim that the recipients have been identified as users of Microsoft Genuine Software and that Outlook needs to be patched, according to the center.

The center's incident handlers said they have seen four different urls included in spam and that users are directed to the urls for updates. The email messages are reportedly rife with misspellings and use words that are similar to those that Microsoft uses but are not exactly the same.

Handlers have already submitted the malware to most antivirus vendors, according to the center.

Microsoft Internet Explorer 7 security features include anti-phishing capabilities that would alert a user who tries to click on the link of any Web site that has been designated as a threat, said Serdar Yegulalp, an author and editor of Windows Power Users Newsletter. It's likely that within half a day to a day, security vendors will update their products so they block users from accessing these sites, Yegulalp said. "But it certainly wouldn't hurt for an IT manager to inform people at large that this is a threat," Yegulalp said.

Microsoft does not usually send out random patch notices to users.

The company usually limits its updates to a group of monthly patches it announces on the second Tuesday of every month. Users can download them from Microsoft's Web site or through the company's update services.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: