Bogus alert from Microsoft Digital Crimes Unit carries malware
Posted on 08.03.2013
Malware peddlers are impersonating Microsoft's Digital Crimes Unit to convince users to download a malicious attachment and run it on their computers, warns Sophos.

The email talks about vulnerabilities, hackers, a new "security measure" developed by Microsoft, and says that all Microsoft users are "required to validate there [sic] email account information":


Unfortunately, those who are tricked into downloading the attached Microsoft_STF_install.zip file will not get "updated on Microsoft security database," but will be saddled with malware.

Remember: never download attachments from unsolicited emails - no matter how legitimate they look and what dire consequences they predict will happen if you don't.









Spotlight

Compromised cPanel "Account Suspended" pages redirect to exploit kit

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Feb 27th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //