IT security and control firm Sophos is warning computer users to
be on their guard following the discovery of a malicious Trojan
horse spam campaign disguised as Microsoft's monthly security
bulletin. The messages were first discovered yesterday and continue
to cause problems today, coinciding with Microsoft's monthly 'Patch
Tuesday' cycle - when the software giant issues an update of
genuine critical patches.
Samples intercepted at SophosLabs have the subject line
'Security Update for OS Microsoft Windows' and claim to come from
Steve Lipnser at firstname.lastname@example.org. The emails
attempt to fool unsuspecting computer users that the attached file
is a high priority update that should be installed by users of
various flavours of Microsoft Windows. However, running the
attached file infects Windows computer users with the Mal/EncPk-CZ
Trojan horse, and could give hackers control over your PC.
"Computer users need to learn that Microsoft never sends out
security updates as email attachments, and that they should always
visit the genuine Microsoft website, or use automatic updating
processes, to keep their systems current," said Graham Cluley, senior
technology consultant at Sophos. "By timing their attack to
coincide with Microsoft's genuine monthly patch cycle, the spammers
are hoping to trick more unwary computer users who might be
awaiting the update, keen to defend themselves against future cyber
attacks. However, falling for this scam will do precisely the
opposite and could result in identity theft or financial
Sophos recommends that all computer users exercise caution when
opening unsolicited emails, and ensure they are fully defending
against attacks, including spam, phishing and malware.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.