Hot on the heels of my posting about the upcoming Patch Tuesday with its four critical patches is a report by SANS Internet Storm Center about a new scam. In this instance, the ill-doers send out fake security bulletins in an attempt to trick victims into installing malicious software on their computers.
According to Network World, the e-mail messages in question claim to be a “Cumulative Security Update for Internet Explorer.”
Of course, it comes with a nice little link helpfully titled “Download this update.” The rest, they say, is a case of a very unhappy IT support staff at your terminal
It might be worth noting that while Microsoft does send out notification e-mails when it comes to security bulletins, these notifications invariably link to the bulletins themselves, never to executable downloads.
Will such a scam succeed in your workplace? Or is a plethora of security systems already in place to stop it even before the user sees it? Join the discussion.
Sunday, December 9, 2007
Microsoft fake security alerts
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment