/>
X
Innovation

Beware of bogus Microsoft security bulletins

Organisations are being warned to be on the lookout for fake Microsoft security bulletins which spammers sent out yesterday to thousands of companies in the US and the UK.Security vendor Sophos said the bogus bulletins were sent via e-mails with the subject line "Microsoft Security Bulletin MS07-0065".
tom-espiner.jpg
Written by Tom Espiner, Contributor on

Organisations are being warned to be on the lookout for fake Microsoft security bulletins which spammers sent out yesterday to thousands of companies in the US and the UK.

Security vendor Sophos said the bogus bulletins were sent via e-mails with the subject line "Microsoft Security Bulletin MS07-0065".

Once users click on a link they are taken to one of many Web sites hosting a malicious piece of code Sophos is calling "Mal/Behav-112".

The security company said that, although antivirus products will now have been updated, users' machines could still become compromised if the compromised Web sites are made to point to a zero-day exploit.

"This is clever social engineering," said Sophos' senior technology consultant Graham Cluley. "The e-mails are addressed to the person by name, and a spurious licence key is given to make the e-mails seem more trustworthy."

The latest real Microsoft security advisory is MS07-0035.

Tom Espiner reported for ZDNet UK from London

Editorial standards

Related

Southwest Airlines has a big problem and customers may not know it
screen-shot-2022-09-27-at-9-38-07-am.png

Southwest Airlines has a big problem and customers may not know it

American Airlines may end a real customer advantage for a sad, twisted reason
screen-shot-2022-07-06-at-4-32-47-pm.png

American Airlines may end a real customer advantage for a sad, twisted reason

I went to an Apple store and all I heard was bad news
iPhone 14 Pro and Pro Max

I went to an Apple store and all I heard was bad news