Platinum Member Username: LklivesPost Number: 10247 Registered: Jan-06 | Fake Windows patch e-mail leads to Trojan horse attack (Computerworld) -- Messages insisting that users install a just-released Microsoft Corp. security update are bogus and actually lead to a site that plants malicious code on PCs, several security companies warned today. The spam, which touts "Microsoft Security Bulletin MS07-0065 -- Critical Update" as its subject and appears to come from "update@microsoft.com," claims users should download a June 18 security patch and provides a link to a URL that looks legit. "A new 0-day vulnerability has appeared in the wild," the message reads. "The vulnerability affects machines running MICROSOFT OUTLOOK and allows an attacker to take full control of the vulnerable computer if the exploitation process is succesfull [sic]." It goes on to boast that 100,000 PCs have been hijacked so far by unnamed malware exploiting the bug. However, the link takes users to one of several different attack sites that download a Trojan horse to the machine. "Security bulletins from Microsoft describing vulnerabilities in their software are a common occurrence," noted Graham Cluely, a Sophos PLC analyst, in a statement today. "[But] by using people's real names, the Microsoft logo and legitimate-sounding wording, the hackers are attempting to fool more people into stepping blindly into their bear trap." The SANS Institute's Internet Storm Center and Symantec Corp.'s DeepSight threat network have also issued alerts on the fraudulent messages. Playing the legitimacy card is an important "scam-spammer" technique, James Blascovich, a professor of psychology at the University of California, Santa Barbara, said yesterday in a just-released paper on the mind games attackers play to persuade people that it's safe to open suspicious e-mail. The fake security alert, for example, refers to "Genuine Microsoft Software," a phrase the company itself heavily promotes; uses the recipient's first name in the body of the message; and includes a purported product registration key. Alert users, however, will be immediately suspicious of the message -- and not just because of the typical-for-spam misspellings -- but because it labeled the update "MS07-0065." So far this year, Microsoft has only reached MS07-035 in its numbering system. Be advised that Microsoft DOES NOT send out security bulletins to your email addresses!! |
Bronze Member Username: Bill038Post Number: 44 Registered: Sep-06 | Thanks LK. Welcome back |
Platinum Member Username: LklivesPost Number: 10253 Registered: Jan-06 | Thanks for supporting my protests to the admin about John M...and to the few others who did also.. |
Silver Member Username: HardrockstrikerPost Number: 937 Registered: Apr-06 | What if we built a large wooden badger?... |
Bronze Member Username: Spike52Post Number: 30 Registered: Aug-06 | Thanks LK for the heads up. Hope your back in the area, the Celts did a little moving yesterday but I am looking forward to the Pats. Happy 4th. |
Platinum Member Username: LklivesPost Number: 10256 Registered: Jan-06 | Funny U mention that, I just left yesterday, flew out of Bradley/ Hartford...was at Hanscom/ Bedford for past week on business and saw my family alot too, and am returning in 2 weeks for awhile this time... yeah I saw the Celtics picked up Ray Allen, BUT...its only a start, need much more...BUT the Pats will kick azz and take names this year!...Brady has much help now with receivers and I love Welker....and the Sox are going to be playing in October this year!...Happy 4th to U and the family.. |
Silver Member Username: GrubPost Number: 104 Registered: Nov-06 | how do I get rid of it? would avast work? or something else? that spycrusher wont go away unless I find it and delete its dir.. any help would be much appeciated |
Silver Member Username: GrubPost Number: 105 Registered: Nov-06 | wow..avast works but I still get shiiit from here when I sign in..lk warned and i got lavasoft..although it doesnt work anymore(it did for a while) everything seems poluted now. |
Platinum Member Username: LklivesPost Number: 10332 Registered: Jan-06 | Ad-Aware..considered the one of the best anti spyware, better than the Norton and Macfee paid programs..and updates daily... http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?p art=dl-ad-aware&subj=dl&tag=top5 spybot..another anti spyware http://www.safer-networking.org/en/download/index.html Spywareblaster 3.51 ..another great anti spyware http://www.javacoolsoftware.com/ AVG 7.5 Anti Virus ...FREE and considered the BEST of all anti VIRUS programs http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10645435.html |
Bronze Member Username: RcfiddlermanPost Number: 31 Registered: Sep-06 | a buddy of mine just got this virus i think, how does he get rid of this, thanx in advance |
Bronze Member Username: Bill038Post Number: 47 Registered: Sep-06 | Have him do a free scan at Panda or Micro Trend. That will tell him if he has anything. Google the addy's. |