The Way Too Convincing Virus

Last Updated on: 29th September 2013, 01:40 pm

I feel I have to warn folks about this, because I could see some naive people falling for this latest virus. I have received 2 of these and a friend got one and almost fell for it, but then went “Wait, that doesn’t sound right.” Thank god she did. I mean, she has Nod32 Antivirus, so I’m pretty sure she’d be ok, but why tempt fate?

The emails say they’re from an address at either Microsoft or Adobe. They claim to be an update for Internet Explorer, or the Malicious Software Tool, or the subject line has an MS patch number in it. That, right there, is all you need to know to realize they’re bad news. Microsoft and Adobe dont send out updates by email! You get Microsoft updates by going to Microsoft Update on the second Tuesday of each month, which by the way, is next Tuesday, and you get Adobe updates by either using the updater in your adobe products or going to various sections of adobe.com. Microsoft, at least, has explicitly said that they will not send updates via email.

At the top of the email is a link that instructs you to click there and download said patch, but below that is where it gets creepy. They have essentially copied the look and feel of an official microsoft email. It reads:

About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

�2008 Microsoft |
Unsubscribe |
More Newsletters |
Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052

I checked to see where the “unsubscribe,” “more newsletters,” and “privacy policy” links go, and they just go to msn.com. But that first link certainly doesn’t go to a good place, not at all. Don’t worry, I didn’t click it, or any other link in the message for that matter, I just copied it down. To everyone who doesn’t know, Microsoft wouldn’t have you downloading IE7 or a patch from some server in Poland. The virus authors even have labeled the executable file itself as “ie7.exe”. I have to give these assholes points for trying.

In the same vein, I have received tons of fake CNN alerts that look like the real thing. So if you didn’t sign up for CNN alerts, these are definitely bad news, and if you did sign up for the alerts, I would say be really careful when looking at your CNN alerts. If in doubt, right click a link in the alert and select copy shortcut. Then paste it somewhere like notepad or word or something and have a look at it. If it looks legit, then click away. If not, for example if it does not go to CNN, well, I guess you know you’re looking at a virus.

Ug, it’s getting harder to say that people who infect themselves with email viruses are stupid.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.