Windows Update Scam Fooling Users
A new scam by hackers has some people believing they are receiving an e-mail about a critical update to Windows when in actuality they are installing a Trojan horse, Sophos said on Friday. The e-mail directs victims to a fake version of the Windows Update site, where there are links to download the malicious "patches."
"The email uses the Microsoft branding and style so to the casual observer it appears to be legitimate," Gregg Mastoras, Senior Security Analyst at Sophos, told BetaNews.
If users download the "patches," they are actually installing the Troj/DSNX-05 Trojan horse that lets the attackers remotely take control of the infected PC.
People may be more apt to click on the links since the e-mails are coming around the same time as Microsoft's April security updates. Microsoft, since making a commitment last year to better secure its products, has been issuing aggregate updates each month, sometimes with as many as a dozen patches at a time.
Mastoras, however, disagreed with that theory. "My assumption is most people don't know Microsoft's security update schedule, so I don't think that influences the timing," he said.
Most updated anti-virus programs should pick up the Trojan before it has a chance to install.
Nonetheless, Sophos is urging users to watch what they download. "Clicking on a link in an e-mail is equivalent to downloading a file onto your computer. So if you don't know who is sending you the e-mail or it is unsolicited, users should delete the e-mail," Mastoras added.