Save content
Have you found this content useful? Use the button above to save it to your profile.
AIA

Virus Alert: Beware fake Microsoft patch emails

by
25th Sep 2007
Save content
Have you found this content useful? Use the button above to save it to your profile.

Microsoft Security alerts are such a part of computing life that virus writers have now created spoof emails to trick users into activating a trojan horse program. John Stokdyk reports.

Symantec's security response blog recently reported on the appearance of fake Microsoft Security Bulletins that either carried the Trojan.Dropper virus as an attachment, or included infected links in the email.

The blog posting includes an example message purporting to be MS06-602, a cumulative security update for Internet Explorer. It's a plausible sounding message an an extremely clever piece of what security experts call "social engineering" to trick people into activating the malicious code - but no such bulletin exists.

"We urge users to refrain from opening files or clicking links in emails from unknown sources," writes blog contributor Vikram Thakur.

"We recommend all users to always keep their computers up-to-date on latest patch levels for all software installed. In doing so, it's important that users always download these patches from the original software vendor sites, by visiting the sites themselves rather than following links in emails or other third-party Web pages."

IT security seminar, 17 October, London
AccountingWEB's security adviser Stewart Twynham will cover IT security from the ground up, including the basic principles of confidentiality, integrity and availability. This will be followed by a case study of how RBS has implemented the information security standard ISO27001.
Click for more details or visit our Events page to book a place.
Tags:

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.