Virus Alert: Beware fake Microsoft patch e-mails

Microsoft Security alerts are such a part of computing life that virus writers have now created spoof security alert e-mails to trick users into activating a trojan horse program.

Symantec's security response blog recently reported on the appearance of fake Microsoft Security Bulletins that either carried the Trojan.Dropper virus as an attachment, or included infected links in the e-mail.

The blog posting includes an example message purporting to be MS06-602, a cumulative security update for Internet Explorer. It's a plausible sounding message an an extremely clever piece of what security experts call "social engineering" to trick people into activating the malicious code - but no such bulletin exists.

"We urge users to refrain from opening files or clicking links in e-mails from unknown sources," writes blog contributor Vikram Thakur.

"We recommend all users to always keep their computers up-to-date on latest patch levels for all software installed. In doing so, it's important that users always download these patches from the original software vendor sites, by visiting the sites themselves rather than following links in e-mails or other third-party Web pages."

By John Stokdyk for our sister site, AccountingWEB.co.uk

You may like these other stories...

If you're thinking that bitcoin and digital currency generally are merely some one-off flash in the pan, the new Digital Currency Council would argue otherwise. The council launched in September and already had 400...
Sponsored Content from Confirmation.com: AccountingWEB takes a look at confirmations in audit engagements, how they can serve as a doorway to fraud, and what you can do about it. Today, auditors have to fight fire with...
If your small-business clients are on the fence about cloud accounting, they've got plenty of company. A recent survey by market researcher and consultant Software Advice indicates a decidedly mixed view by respondents...

Already a member? log in here.

Upcoming CPE Webinars

Oct 21Kristen Rampe will share how to speak and write more effectively by understanding your own and your audience’s communication style.
Oct 22This webinar will include discussions of important issues in AU-C 800, Audits of Financial Statements Prepared in Accordance with Special Purpose Frameworks.
Oct 23Amber Setter will show the value of leadership assessments as tools for individual and organizational leadership development initiatives.
Oct 30Many Excel users have a love-hate relationship with workbook links.