Beware of fake Microsoft update notifications

Criminals are once again sending out fake security update notices in an effort to spread their trojans. The emails notify recipients of a Critical Security Update for Microsoft Windows (KB946026) and include a link to what is claimed to be a patch. The style of the email is very similar that used by Microsoft to describe its downloads, including information on size and download times, although the sender's address - Microsoft Corporation - should alert readers to the danger of taking these emails at face value.

As Microsoft never sends out emails linking to its security updates, recipients of such a message should be on their guard

Rather than fixing a security hole, installing the patch that the link sends you actually installs the Virut.AI IRCBot on your system. Thankfully, with the exception of eTrust, in a recent test all the popular virus scanners spotted this malware. You will find advice on email and safety in the Anti-Virus Services section of the heise Security site.

Advertisement

(mba)