IT security and control firm Sophos is warning computer users to be on their guard following the discovery of a malicious Trojan horse spam campaign disguised as Microsoft's monthly security bulletin. The messages were first discovered yesterday and continue to cause problems today, coinciding with Microsoft's monthly “Patch Tuesday” cycle - when the software giant issues an update of genuine critical patches.
Samples intercepted at SophosLabs have the subject line “Security Update for OS Microsoft Windows” and claim to come from Steve Lipnser at securityassurance@microsoft.com. The e-mails attempt to fool unsuspecting computer users that the attached file is a high priority update that should be installed by users of various flavours of Microsoft Windows. However, running the attached file infects Windows users with the Mal/EncPk-CZ Trojan horse, and could give hackers control over your PC.
"Computer users need to learn that Microsoft never sends out security updates as e-mail attachments, and that they should always visit the genuine Microsoft Web site or use automatic updating processes to keep their systems current," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"By timing their attack to coincide with Microsoft's genuine monthly patch cycle, the spammers are hoping to trick more unwary computer users who might be awaiting the update, keen to defend themselves against future cyber attacks. However, falling for this scam will do precisely the opposite and could result in identity theft or financial losses,” he says.
Sophos recommends that all computer users exercise caution when opening unsolicited e-mails, and ensure they are fully defending against attacks, including spam, phishing and malware.
For more information, including a graphic of the spam message, please visit: http://www.sophos.com/blogs/gc/g/2008/10/13/malicious-microsoft
Share
Sophos South Africa
NetXactics, trading as Sophos South Africa, is a South African-based company focused on the provision of security solutions. It is the master distributor for UK-based Sophos Plc, one of the leaders in the provision of network access control and endpoint, e-mail and Web security and control solutions for the corporate environment. For more information, visit Sophos South Africa at www.sophos.co.za.
Sophos
Sophos enables enterprises worldwide to secure and control their IT infrastructure. Our network access control, endpoint, Web and e-mail solutions simplify security to provide integrated defences against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, we protect over 100 million users in nearly 150 countries with our reliably engineered security solutions and services. Recognised for our high level of customer satisfaction, we have an enviable history of industry awards, reviews and certifications. Sophos is headquartered in Boston, Massachusetts and Oxford, UK.
Editorial contacts