Raptrex 0 Report post Posted April 9, 2005 A new scam by hackers has some people believing they are receiving an e-mail about a critical update to Windows when in actuality they are installing a Trojan horse, Sophos said on Friday. The e-mail directs victims to a fake version of the Windows Update site, where there are links to download the malicious "patches.""The email uses the Microsoft branding and style so to the casual observer it appears to be legitimate," Gregg Mastoras, Senior Security Analyst at Sophos, told BetaNews.If users download the "patches," they are actually installing the Troj/DSNX-05 Trojan horse that lets the attackers remotely take control of the infected PC.People may be more apt to click on the links since the e-mails are coming around the same time as Microsoft's April security updates. Microsoft, since making a commitment last year to better secure its products, has been issuing aggregate updates each month, sometimes with as many as a dozen patches at a time.Mastoras, however, disagreed with that theory. "My assumption is most people don't know Microsoft's security update schedule, so I don't think that influences the timing," he said.Most updated anti-virus programs should pick up the Trojan before it has a chance to install.Nonetheless, Sophos is urging users to watch what they download. "Clicking on a link in an e-mail is equivalent to downloading a file onto your computer. So if you don't know who is sending you the e-mail or it is unsolicited, users should delete the e-mail," Mastoras added. http://betanews.com/2005/04/08/windows-update-scam-fooling-users/so in other words, if you get an email from microsoft , dont open IT Share this post Link to post Share on other sites
Saint_Michael 3 Report post Posted April 9, 2005 well of course its fake it that obvious why would microsoft email you their is no reason for them to do that plus microsoft don't know your email anyways so its pretty obvious that its a fake Share this post Link to post Share on other sites
NilsC 0 Report post Posted April 9, 2005 Phising, pharming and scamming are one of the dangers on the internet. The poisoned DNS servers is another issue that are getting out of hand.I get 1 to 5 ebay and PayPal scam letters everyday. I have reported 2 different scams on M$ and M$ updates / patchesNils Share this post Link to post Share on other sites
snlildude87 0 Report post Posted April 9, 2005 Phising, pharming and scamming are one of the dangers on the internet. The poisoned DNS servers is another issue that are getting out of hand. I get 1 to 5 ebay and PayPal scam letters everyday. I have reported 2 different scams on M$ and M$ updates / patches Nils 70326[/snapback] Pharming?? Please explain, Nils. Well, if you're using Windows XP, then shouldn't all updates be delivered straight to your computer by a little program that sits on your system tray? Share this post Link to post Share on other sites
Izlude 0 Report post Posted April 10, 2005 well of course its fake it that obvious why would microsoft email you their is no reason for them to do that plus microsoft don't know your email anyways so its pretty obvious that its a fake 70280[/snapback] Man ... That trick is sooooo old and still people fall for it EVERY DAY and its alarming.... someone should start a REAL (sorry aol) campaign against these viruses/trojans/etc. Share this post Link to post Share on other sites
badinfluence 0 Report post Posted April 10, 2005 nice topic... i was always looking for those articles to learn.. pls keep update!! Share this post Link to post Share on other sites
iGuest 3 Report post Posted April 22, 2005 One of the most obvious signs that such emails are scams is the poor spelling or bad grammer often found in the message body. In the example of this bogus email which can be found at: http://forums.xisto.com/no_longer_exists/ you will see such things as "Fill your informations", "reserve the rights" and "for an unlimited perriod". You will also see unclear thinking by the use of words like "Apparently" where if it were actually true, they would have said something like "We have detected an unusual number of emails" indicating a supposed fact rather then an apparent guess. These scam emails are perpetrated by folks with some html code knowledge but with a poor knowledge of the English language. I rather believe that these scams are a result of our unfortunate "instant gratification" society since the perpetrators think they can do no wrong, will not get caught and don't take the time to correct mistakes (like spellchecking their work). Just some info to keep in mind... Share this post Link to post Share on other sites
iGuest 3 Report post Posted April 22, 2005 Opps, sry for the double post. I attempted to correct a spelling error....lol.If the admins could delete the first one for me...and this one....much appreciated. Share this post Link to post Share on other sites
Shackman 0 Report post Posted April 23, 2005 yeah..quite true...usually hackers are those who don't go to school and they don't do well in grammer....and Dark_Dude, i've deleted your previous post like you requested. thanks for the post, it really contributed.-Shackman Share this post Link to post Share on other sites
