Bogus E-mail from Microsoft
isc.sans.org and several other sites are reporting a bogus e-mail from Microsoft containing malicious code, an example of which is below. In addition to the various technical measures that can be taken such as blocking executables in e-mail, effective spam filtering, A/V protection, and endpoint protections, users should also be reminded to be on alert for these types of issues. Besides telling them to never click on these types of items, and not giving them the local rights to accomplish this, I believe we can go further in order to promote more security conscious activities at home, and hopefully reduce the number of zombied systems available for bot herders. In this example it is easy to spot the poor grammar in the e-mail as a sure giveaway that this is bogus. OK, my grammar is not exactly perfect either, but that is not the point. Now Microsoft or any company would most likely never distribute updates in this manner, but hopefully any valid communication from a company of this size would certainly not contain as many errors as I have illustrated below in bold, and that is exactly one of the items I point out to end users in classes I teach. My guess is that someone for whom English is not his or her native language wrote this – a former or current Russian state would be my guess.
Dear Microsoft Customer,Please notice that Microsoft company has recently issued a Security Update for OSMicrosoft Windows. The update applies to the following OS versions: MicrosoftWindows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft WindowsXP, Microsoft Windows Vista.Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.Since public distribution of this Update through the official websitehttp://www.microsoft.com/ would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users. As your computer is set to receive notifications when new updates are available, [how do they know that?] youhave received this notice. In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine.
In that case,at this point the upgrade of your OS will be finished.We apologize for any inconvenience this back order may be causing you.
No comments:
Post a Comment