Fake Windows Update Email

27 April 2005

Well Microsoft believes that the grace period is over and wants everyone to jump on board and get Service Pack 2 (SP2) installed. I know everyone has an opinion on the Service Pack—some good some not so good—but it really is only a matter of time. Do you know anyone without SP1 on his or her XP machine? I hope not.

As you may also know, Microsoft has picked the second Tuesday of the month to run their new security patches.

These two issues have really set the stage for a new attack on windows users. Hackers have decided to try and slip one by your defenses with a Phishing/Trojan scam. You may get a spoof emails that link to a bogus Microsoft site where the hackers get you. If successful in their efforts, the ambushed PC will be infected with the TrojDSNX-05, a back door Trojan that attempts to gain control over your system. With control of your system the hacker will more than likely use you (of course unknowingly) as a spam server to mail out huge amounts of spam in your name. If a network PC happens to get infected, then a denial of Service, exploitation of network shares, and further infection are something you may look forward to.

The TrojDSNX-05 is not the newest virus on the block and can be controlled if you have decent anti-virus software that is up-to-date. The Trojan isn’t the biggest issue here—I thought it was important to remind and inform that…

Microsoft will never send you an email reminding you to update.

Very similar to the fact that companies will never send you an email asking you to reply with your credit card and account info in order to fix some discrepancy with your account. In fact, if you ever receive any emails that seem “Phishy” to you, try going directly to the company web site (not the link in the email) and see for yourself what’s going on.

As far as SP2 goes, if you haven’t installed it yet I suggest doing it on your own terms—backup all your important data (pictures of the family, documents, whatever is important) set a system restore point. Go out to the manufacturer’s site of your favorite programs and see if there are any known issues, FAQ’s, or patches. If so, follow the instructions to properly install any necessary components and follow any necessary procedures in the exact manner in which the instructions describe. After this you should have all your bases covered, and feel comfortable installing SP2.

Stay safe out there,

~ Chad

Chad Stelnicki

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.