Virus writers are still sticking to the oldest tricks in the book to sucker people into downloading their malware.
An email, which claims to come from Microsoft, has an attachment that says it is a Windows patch.
Insecurity outfit Sophos claims that some people are falling for the fairly obvious virus scam because it was spammed to people on a Tuesday.
Redmond sends out its patches on a Tuesday, and people have seen that the email was actually signed by Steve Lipner, a senior member of Microsoft’s security team, so they assume it must be valid.
Alternatively, they might just be brain dead and have forgotten that Microsoft does not send out its patches by email.
Redmond does not often send out mail packed full of spelling mistakes, nor does it use a reply header of firstname.lastname@example.org.
Sophos detects the attached KB453396-ENU.exe file as a flavour of the Autorun worm. It has spotted two different species, W32/Autorun-BMF, and in addition the ZIP file is detected as Mal/BredoZp-B. They are often used to propagate malicious payloads, such as a backdoor, password stealer, or some other kind of trojan.
One would think the days of installing malware by asking the user to do it would be over, but it appears the old methods are still the best.