Windows hit by fake security emails
Haxdoor malware tries new technique.
By Robert McMillan, IDG News Service
Published: 09:33 GMT, 14 October 08
Scammers are sending out fake emails that claim to include critical Windows security alerts, Microsoft warned Monday.
The fake alerts describe themselves as part of a new "experimental private version of an update for all Microsoft Windows OS users," Microsoft said in a note on the scam, posted Monday.
The emails then instruct the victim to download an attachment, which is actually a malicious Trojan Horse program known as Win32/Haxdoor. This software records sensitive information such as passwords and credit card numbers and sends this data back to the attackers who are running the scam.
The malware is well-known, however, and is detected by anti-virus programs as well as Microsoft's free Microsoft Malicious Software Removal Tool (MSRT).
The warning comes the day before Microsoft is set to deliver 11 genuine security fixes. These updates include critical security updates for Windows Active Directory, Internet Explorer, Excel and the Microsoft Host Integration Server.
But they will be delivered via Microsoft's standard automated update tools. Major software vendors such as Microsoft never distribute security patches via email.
"As a matter of company policy, Microsoft will never send you an executable attachment," wrote Microsoft spokesman Christopher Budd in a blog posting on the scam. "If you get an email that claims to be a security notification with an attachment, delete it. It is always a spoof."
Microsoft does, however, send out security notification emails to customers who have asked to be told whenever patches are released or updated. These emails are in plain text and never contain any sort of attachment, Budd said.
Users who have doubts about any security notification email they've received can go to Microsoft's TechNet security website, which contains the same information as its email notifications.
.gif)
Add your commentComments
Reid | Published: 14:29 GMT, 15 October 2008
Hello Thanks for your alert I have Notice These tricks before The first one look like a microsoft Icon and try to start on its own without me even clicking on it but I move very fast and press my power off switch the computer shut down and stop its action I then went to safe mode scan and search my regedit then I defrag and scan and search one more time, in most email I only read the header without open the mail forget attechment I never open those I dont care who its from... it keep things cool for now Thank you for your warning I read all your email you sent me Merton blackeaglenest@msn.com