'Windows Update' hides nasty Trojan

Users may think they're protecting their machine...

Security firms are warning about a spam email which purports to be a Windows Update from Microsoft. However, recipients who launch it will infect their machine with malicious code.

The email appears to come from Microsoft, using the spoofed address update@microsoft.com and subject lines such as 'Update your Windows machine'. It links through to a website which mirrors the design of a proper Windows Update page, but as the page opens it downloads a malicious .exe into a Windows directory and installs a Trojan horse (DSNX-05).

While running, the application will consume 100 per cent of CPU power by forcing the CPU to perform continuous processes, according to a report from SurfControl.

SurfControl first intercepted the email in Australia. As is often the case, it then followed the sun west as different time zones came online.

Graham Cluley, senior technology consultant for Sophos, said: "We have long recommended that computer users keep up-to-date with the latest security patches, as Microsoft vulnerabilities are often exploited by viruses, worms and hackers. But users must be very careful to be sure they are going to the official update websites, rather than just following links in emails which have been sent by hackers."

Cluley added that Microsoft does not issue security warnings in this way.

"Users should be on their guard whenever they receive an email like this," he added.

Comments


  1. anonymous

    Is there anyone out there who would explain to me the reason or the appeal of inventing and releasing a virus out into the internet? In all sincerity, Kiki

    • 9 April 2005 01:25
  2. anonymous

    Kiki said "Is there anyone out there who would explain to me the reason or the appeal of inventing and releasing a virus out into the internet? In all sincerity, Kiki"


    Well, yeah.. There are financial rewards to be had.. Namely, if they can put a malicious piece of code on your machine that steals your banking passwords, they are home and away. Or, if you have something to hide, then they can get hold of that info and use it against you. Or, they can use your email addresses and machine to send out spam; some people still buy from spammers.

    Then there is control of your PC. If they can control it, they can use it to 'block out' internet sites and so hold the site owners to ransom.

    Then there are those who justify the writing of viruses to expose the security holes in software.

    Naturally, there is also an advantage to a government, if they can bring to a halt the computers of a rival (Iraq, for example, would probably relish the idea of bringing down the American government's network).

    That's just a few. Finally, there are those who are simply mischievous and wish to cause havoc and mayhem in their wake.

    But, I think the overriding factor in it is crime and money.

    I do hope that helps

    • 12 April 2005 11:22
