Fake Windows security update leads to malicious Web site

    From Security Bytes, May 23rd, 2005
    If you see a Microsoft security update in your inbox, don't open it. Instead of patching your computers, it'll take you to a malicious Web site, said Lynnfield, Mass., antivirus firm Sophos. Sophos said an e-mail campaign has been launched to direct users to a bogus site that looks like Microsoft's official security Web page. But if users follow the links in the e-mail for downloading updates, they get infected with the Troj.DSNX-05 Trojan, which allows hackers to take remote control of the infected PC.
    The e-mails claim to come from "Windows Update" [update@microsoft.com] and include subject lines like "Update your windows machine," "Urgent Windows Update" and "Important Windows Update." The e-mail body claims to link to Microsoft's Windows Update site but instead links to a site controlled by hackers.
    "This criminal campaign exploits the public's rising paranoia about the security of their Windows computers. If users fall for it they may put themselves at risk of being spied upon or having their credit card and online banking details stolen," Graham Cluley, Sophos' senior technology consultant, said by e-mail. "Users must be very careful to be sure they are going to the official update Web sites, rather than just following links in e-mails which have been sent by hackers."
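
A mail-filter check for the pattern the report describes (a sender claiming microsoft.com, one of the quoted subject lines, and links that leave Microsoft's domain), added here as an illustration and not taken from Sophos or the original article. The sample message, the host updates.example.net and the helper names are constructed for the example, and treating only microsoft.com as official is an assumption.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Subject lines quoted in the report, lower-cased for comparison.
REPORTED_SUBJECTS = {"update your windows machine", "urgent windows update",
                     "important windows update"}
# Constructed sample; updates.example.net is a placeholder, not a real indicator.
SAMPLE = """From: Windows Update <update@microsoft.com>
Subject: Urgent Windows Update
Content-Type: text/html

<p>Install now: <a href="http://updates.example.net/fix/">Windows Update</a></p>
"""

def is_official(host):  # assumption: only microsoft.com and subdomains are official
    host = (host or "").lower().rstrip(".")
    return host == "microsoft.com" or host.endswith(".microsoft.com")

class LinkCollector(HTMLParser):  # gathers (href, visible text) per <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def assess(raw_message):
    """Return the reasons a message matches the lure described above."""
    msg, reasons = message_from_string(raw_message), []
    if (msg["Subject"] or "").strip().lower() in REPORTED_SUBJECTS:
        reasons.append("subject matches a reported lure")
    collector = LinkCollector()
    collector.feed("".join(p.get_payload(decode=True).decode("utf-8", "replace")
                           for p in msg.walk() if p.get_content_type() == "text/html"))
    # The From header is trivially forged, so a microsoft.com sender proves nothing.
    claims_ms = is_official(parseaddr(msg["From"] or "")[1].rpartition("@")[2])
    for href, text in collector.links:
        host = urlparse(href).hostname
        if claims_ms and host and not is_official(host):
            reasons.append(f"sender claims microsoft.com but {text!r} leads to {host}")
    return reasons
```

The host comparison matches on the domain boundary, so lookalikes such as microsoft.com.example.net are not treated as official.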
