We've Relocated!
We've relocated our office to Sequim, but we're not gone! We welcome you to register with us to access our updated contact information. Also, as a registered user, you'll be able to learn more about our newly-implemented LogMeIn Rescue service, which enables us to solve many computer problems within minutes of your call! Register today!| Windows Update Scam Contains Virus |
 |
 |
 |
| Written by Ed Oswald of betanews.com | |||
| Friday, 08 April 2005 23:28 | |||
|
A new scam by hackers has some people believing they are receiving an e-mail about a critical update to Windows when in actuality they are installing a Trojan horse, Sophos said on Friday. The e-mail directs victims to a fake version of the Windows Update site, where there are links to download the malicious "patches."
"The email uses the Microsoft branding and style so to the casual observer it appears to be legitimate," Gregg Mastoras, Senior Security Analyst at Sophos, told BetaNews. If users download the "patches," they are actually installing the Troj/DSNX-05 Trojan horse that lets the attackers remotely take control of the infected PC. People may be more apt to click on the links since the e-mails are coming around the same time as Microsoft's April security updates. Microsoft, since making a commitment last year to better secure its products, has been issuing aggregate updates each month, sometimes with as many as a dozen patches at a time. Mastoras, however, disagreed with that theory. "My assumption is most people don't know Microsoft's security update schedule, so I don't think that influences the timing," he said. Most updated anti-virus programs should pick up the Trojan before it has a chance to install. Nonetheless, Sophos is urging users to watch what they download. "Clicking on a link in an e-mail is equivalent to downloading a file onto your computer. So if you don't know who is sending you the e-mail or it is unsolicited, users should delete the e-mail," Mastoras added.
|