Have you received an email seemingly from Microsoft's security team telling you to "Update your Windows"? Have you been sent a file called KB453396-ENU.zip and told to run it on your Windows computer?
Well, think twice before following the instructions.
Cybercriminals are up to their old tricks, spreading malware under the disguise of a critical security patch from Microsoft.
In the current example, they've spammed out an email containing a worm, which even quotes the real name of a senior member of Microsoft's security team - Steve Lipner - to try to fool you into believing it is genuine.
The emails have a subject line of "Update your Windows" and contain the following text:
Of course, Mr Lipner has nothing to do with the emails and Microsoft never distributes security updates via email attachments. Nevertheless, there have been a series of attacks that have abused his name in the past.
With so much effort being taken by the cybercriminals to hoodwink unsuspecting computer users, though, you would have thought they would have not made an elementary mistake in their forged email header. The messages we've seen claim to come from email@example.com
That's right. "microsft".
SophosLabs had added detection of the malware as W32/Autorun-BMF, and in addition the ZIP file is detected as Mal/BredoZp-B.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
CylanceEDGE™ from BlackBerry simplifies and secures hybrid work while transforming network security. Remote and in-office teams require secure access that enables work from anywhere – and VPNs are just not up for the challenge. Zero Trust Network Access (ZTNA) solutions are a much better alternative. CylanceEDGE, enables secure access to your organization's data and applications so they're accessible only to those with the proper credentials. Users will be happier and more productive, and your teams will enjoy simplified administration and surprising flexibility. Close the VPN security gaps and upgrade to CylanceEDGE.
Enable secure work from anywhere
Protect information from diverse threats
Allow users to work on any healthy device
Enable digital business transformation and cloud migration