Remarkably audacious

I just received, via email, a new and quite clever social-engineering attack. The return address appears to be from Microsoft, and the email claims to be providing a patch that "eliminates all known security vulnerabilities affecting Internet Explorer and MS Outlook/Express as well as six new vulnerabilities." There's a .exe file attached, and the email even includes an official Microsoft URL for a page that discusses the patch. Everything in the email appears to be quite true, and most of the text appears to have actually been written by Microsoft. Only of course the headers are forged; this isn't from Microsoft at all, it's just Microsoft text attached to a non-Microsoft piece of software. Presumably the .exe file does something nasty if you run it. I'm guessing that this is a widespread attack, and will be all over the news in a few hours, 'cause otherwise I don't know why I would've received it. I hope not too many people lose data with this.

The real return address is from the University of Ljubljani, in Slovenia. But I'd expect that someone clever enough to put this together would also be clever enough to hide their email address better, so I'm guessing that's forged too.
