Jump to content

Fake Microsoft Security Bulletin Email

Recommended Posts

  • Moderators

US-CERT has received reports of an email message circulating purporting to be a Microsoft Security Bulletin. The email directs the user to download and install an executable that is supposed to be a cumulative patch. Through the use of social engineering that attacker is hoping to trick the user into thinking they will be installing a cumulative patch when in fact they are installing a version of SDBot, a commonly used Trojan horse.


This variant of SDBot is part of a family of backdoor Trojan horse programs commonly controlled remotely by an attacker via Internet Relay Chat (IRC). Some variants of SDBot may not be detected by anti-virus applications.


In 2003, a similar email message masquerading as a Microsoft Security Bulletin was circulated via email. Users that clicked on the link in this email message were infected with the Swen mass-mailing worm.


US-CERT recommends:


* Users do not follow unsolicited web links received in email messages.

* Users should manually type in the URL when attempting to go to the web sites recommended in an email.

* Users install anti-virus software, and keep its virus signature files up-to-date.

Your Friendly Neighborhood Piriform Forum Moderator

Quick Links: CCleaner Products | CCleaner Documentation | Knowledge Center | Downloads | Lost License Key

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.