Don't update via email! - Fake MS update
01.25.2010 - "... spammers seem ready to pounce on the press attention towards the recent out-of-band release of MS10-002 to scare users into downloading fake updates via email. We have been seeing messages pushing a Microsoft update via a link... The URL in the spam messages leads to a file called "update2010.scr" which currently has low detection rates*... The site hosting these fake updates is located in the Netherlands, and we have also seen that it's hosting the same file, under a different extension, called "update2010.exe". The icon of the file, once downloaded, is also believable... Remember that Microsoft won't ever send messages for Windows updates, so please don't download and run this file. This probably won't be the only lure of this kind, so be diligent and remember not to click on links from unsolicited emails..."
File update2010.scr received on 2010.01.25 17:42:14 (UTC)
Result: 7/40 (17.50%)
... Microsoft does not send unsolicited communications about security updates
Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident. Unfortunately, cyber criminals can and have sent -fake- security communications that appear to be from Microsoft. Some of these messages lure recipients to Web sites to download spyware or other unwanted software. Others include a file attachment that contains a virus.
How to help verify the legitimacy of a security-related e-mail
• Legitimate notifications do -not- include software updates as attachments. We -never- attach software updates to our security communications. Rather, we refer customers to our Web site for complete information about the software update or security incident.
• Legitimate notifications are also on Microsoft.com. We never send notices about security updates or incidents until after we publish information about them on our Web site. Check the Microsoft Security Updates page* to see whether the information is listed there.
Edited by apluswebmaster, 26 January 2010 - 09:40 PM.