Fake Microsoft Security Bulletin Email

[TwistedMetal]

US-CERT has received reports of an email message circulating purporting to be a Microsoft Security Bulletin. The email directs the user to download and install an executable that is supposed to be a cumulative patch. Through the use of social engineering that attacker is hoping to trick the user into thinking they will be installing a cumulative patch when in fact they are installing a version of SDBot, a commonly used Trojan horse.

 

This variant of SDBot is part of a family of backdoor Trojan horse programs commonly controlled remotely by an attacker via Internet Relay Chat (IRC). Some variants of SDBot may not be detected by anti-virus applications.

 

In 2003, a similar email message masquerading as a Microsoft Security Bulletin was circulated via email. Users that clicked on the link in this email message were infected with the Swen mass-mailing worm.

 

US-CERT recommends:

 

* Users do not follow unsolicited web links received in email messages.

* Users should manually type in the URL when attempting to go to the web sites recommended in an email.

* Users install anti-virus software, and keep its virus signature files up-to-date.

[Dheeraj]

it is not that easy to fool win server 2003

 

it offers high security over internet

[LEEnoble]

it is not that easy to fool win server 2003

 

it offers high security over internet

 

<{POST_SNAPBACK}>

 

 

 

Are you a muppet?

[Andavari]

Kermit!