Fake Microsoft updates spread malware

A number of erroneous Microsoft updates are being used to spread malware
Publish date:

Internet fraudsters are sending out fake Microsoft security releases, resulting in users installing malware on their systems, reported Techworld.

The fake emails are titled ‘Cumulative Security Update for Internet Explorer’ and claim to fix a critical security flaw. When users click on the ‘download this link’ button they are taken to a server that attempts to install Trojan-Downloader.Win32.Agent.avk, which in turn attempts to reach out to other computers on the Internet in order to install more malware.

Lenny Zeltser, information security practice leader at Gemini Systems, argues that while technically aware users would recognise certain fraudulent signs, the schemes only need to convince a small number of people to work. "You wonder, does it really matter that there are these strange discrepancies in the way the fake security alert is written? People who would notice probably would be the kind of people who wouldn't click on the link."



Malware and Software Solutions

More than ever before, security software is needed. However, as Ben Furfie found when he investigated, more and more PC users are beginning to think they know enough to be secure without the need for dedicated software, just as criminals begin to use psychological methods to ensnare more than ever...