Monday, October 19, 2009

Malware and Social Engineering

They are getting smarter, so you need to be even smarterer. You are probably used to seeing bogus emails and web pop-ups telling you that your computer is infected and you need to download and install an antivirus program. Conveniently, they always have one attached that is perfect for your computer. If you are not already aware, these are all malware: virus-infected files, spyware, trojans, and generally bad stuff.

No anti-spam/virus software company will ever send you a file directly to your email address and ask you to install it. They just don't. Even if you see a message pop up on your screen, the safest course of action is to open the security software you already have (you do have some, right?) and manually run updates and scans from there.

What triggered this blog post was an email I received this morning from "Microsoft" essentially accusing me of spreading viral files. It occurred to me that many, many people may be convinced to open the attachment and infect themselves unwittingly just based on the fact that it appeared to have come from Microsoft. Here is the actual message:

Dear Microsoft Customer,

Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division


Of course it is completely bogus. Microsoft does not monitor viral activity, particularly not down to an individual PC level. Even if Microsoft did see a problem, they would distribute a patch through their "update" services. However, all you have to do is actually read it: people at Microsoft would not have let this go out with grammar and spelling mistakes.

This is typical of the growing trend in social engineering used by malware distributors. There are two common ways to infect computers: send an infected file to someone, or trick them into infecting themselves. Don't be the latter.
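The tells described in this post (a vendor name on the sender, an attached file, a request to install it) can also be checked mechanically by a mail filter. The following is an added example, not part of the original post; the sender addresses, the attachment name `scan.zip`, the brand-to-domain map and the extension list are constructed assumptions.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed values for illustration: brand-to-domain map and risky extensions.
BRAND_DOMAINS = {"microsoft": ("microsoft.com",)}
RISKY_EXT = (".exe", ".scr", ".zip", ".js", ".vbs")
INSTALL_RE = re.compile(r"\b(install|run|open)\b.{0,40}\battach", re.I | re.S)

def triage(raw: bytes) -> list[str]:
    """Return the reasons a message looks like the lure described above."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    for brand, domains in BRAND_DOMAINS.items():
        legit = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in name.lower() and not legit:
            reasons.append(f"display name claims {brand}, sender domain is {domain}")
    for part in msg.iter_attachments():
        fname = (part.get_filename() or "").lower()
        if fname.endswith(RISKY_EXT):
            reasons.append(f"risky attachment: {fname}")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and INSTALL_RE.search(body.get_content()):
        reasons.append("body asks the reader to install the attachment")
    return reasons

def sample(sender: str, attach: bool) -> bytes:
    """Build a constructed test message (addresses and file name are made up)."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@example.org"
    m["Subject"] = "Conficker infection notice"
    m.set_content("Please install attached file to start the scan.")
    if attach:
        m.add_attachment(b"PK\x03\x04 constructed", maintype="application",
                         subtype="zip", filename="scan.zip")
    return m.as_bytes()

if __name__ == "__main__":
    lure = sample('"Microsoft Windows Agent" <agent@example.net>', attach=True)
    for reason in triage(lure):
        print("FLAG:", reason)
```

A forged From address on the vendor's real domain passes the first check, so the attachment and wording checks still matter on their own.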
