Print this article  |  E-mail this article  |  Comment on this article

Windows Update Scam Fooling Users

By Ed Oswald, BetaNews

April 8, 2005, 3:58 PM

A new scam by hackers has some people believing they are receiving an e-mail about a critical update to Windows when in actuality they are installing a Trojan horse, Sophos said on Friday. The e-mail directs victims to a fake version of the Windows Update site, where there are links to download the malicious "patches."

"The email uses the Microsoft branding and style so to the casual observer it appears to be legitimate," Gregg Mastoras, Senior Security Analyst at Sophos, told BetaNews.

If users download the "patches," they are actually installing the Troj/DSNX-05 Trojan horse that lets the attackers remotely take control of the infected PC.

People may be more apt to click on the links since the e-mails are coming around the same time as Microsoft's April security updates. Microsoft, since making a commitment last year to better secure its products, has been issuing aggregate updates each month, sometimes with as many as a dozen patches at a time.

Mastoras, however, disagreed with that theory. "My assumption is most people don't know Microsoft's security update schedule, so I don't think that influences the timing," he said.

Most updated anti-virus programs should pick up the Trojan before it has a chance to install.

Nonetheless, Sophos is urging users to watch what they download. "Clicking on a link in an e-mail is equivalent to downloading a file onto your computer. So if you don't know who is sending you the e-mail or it is unsolicited, users should delete the e-mail," Mastoras added.

Add a Comment (24 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By Altman

posted Apr 11, 2005 - 1:14 PM

I'd hate to say it but I think BetaNews is a little behind. I started receiving this type of scam in October of 2003. For a while I was getting about 4 of them an hour. I'd come in after a weekend with about 150 of those emails.

Score: 0

By Morsel

edited Apr 11, 2005 - 11:15 AM

That is a funny one!! Poor poor us, Windows users..

Score: 0

By genblood

posted Apr 11, 2005 - 9:49 AM

Microsoft doesn't send a virus alert to the
general PUBLIC .... You might get one from you
local ISP ... People need to think more before
clicking on links in emails they get ...

Microsoft stopped adding in active links in
its email a long time ago. An if you aren't doing
some type of beta testing for Microsoft you
should just delete it.

You should have your OS setup to access
patches already. If not, take the time now and do
it. You can even click the update icon yourself.

Score: 0

By NULLedge

posted Apr 9, 2005 - 5:53 PM

In OS X you click on the apple in the upper left corner, click "software update" and it scans for updates not unlike most smartly designed software out there. At what point did the web become so secure that patches and software updates for your base operating system could be issued through your web browser.

This is simply one more example of browser integration gone too far IMO and I don't see why it would come as a surprise to anyone who's ever fallen victim to the relentlessly reoccurring holes in any microsoft products.

Score: 0

By sisyfoss

posted Apr 10, 2005 - 5:04 PM

You seem to understand the issue here... this trojan isn't exploiting any hole in the software; rather, it's trying to fool people into thinking it's a legitimate patch and run the program.

Score: 0

By Squire72

posted Apr 9, 2005 - 12:23 PM

The average computer user doesn't care about knowing the technical aspects of computers, and only a moron would expect them to.

Get off your high horses.

To the average user, a computer is an appliance, like a TV or a cellphone - that's how they're marketed, and that what people expect... appliances that just work, and are inherently safe.

The fact that you have to be an expert of some sort to keep a computer safe is what's asinine...

You folks are all experts to some degree - you know how to protect yourselves, and you know how to clean things up if something nasty gets into your systems. Odds are you learned more about computers because you wanted to - all you can do is give people good advice on how to use their computers, and stop being so freaking arrogant.

Score: 0

By PhoenixPath

posted Apr 11, 2005 - 1:28 PM

The average computer user needs to get a clue.

You're telling me that they shouldn't be expected to know how to do this...I tell you that you are dead wrong.

Every day we are inundated with stories about spam and viruses. You'd have to live under a rock not to know that the use of a PC connected to the internet is unsafe without being protected. Lack of motivation/intelligence/prior knowledge is no longer an acceptable excuse.

Just like you can't leave your oven open while cooking, you can't leave your system open while online. Just because it is an 'appliance' doesn't make it inherintly safe.

These users are not only dangerous to themselves, but to everyone else as well. Their systems, unprotected, are easily hijacked by these adware programs and virii and become 'Zombies'. Spreading their malware to anyone who has the poor luck of being in their address-book, or hit by one of their port-scans.

Anyone out there who owns and uses a PC to connect to the internet has a personal responsibility to make sure that they're system is protected. Especially since this can EASILY be done free of charge. 3 simple programs is all it takes to secure a system against *most* threats.

ZoneAlarm firewall (FREE)
MS Anti-Spyware or Lavasoft Ad-Aware (FREE)
To many AV programs to name...(FREE)

90% of the ISPs out there are now also offering ad/spam/virii blocking packages to their service...also free of charge. All it takes is a few clicks from the user to download and install.

Score: 0

By athome

edited Apr 11, 2005 - 1:54 PM

Yes! Thank you for those words. I feel the same way, and it is appauling to here what some people say in these articles. We need to be giving the public our assistance rather than just bashing them. I educate all of my customers on the many problems with the Internet - not even to say there are many techs out there that don't know JACK!

Also, many of the so-called Ad- cleaning programs out there are Ad-serving. What people think they are getting is not what they actually need.

Most people think that if they go to Doctor and he/she tells them that they have cancer, they will beleive them. Some, only some, know that people make mistakes and will seek out a second opinion. They take them at face value, thinking they are getting the service and care that they should be, but often not the case.

I will get off my soapbox now.

Score: 0

By horsecharles

edited Apr 10, 2005 - 6:36 AM

I agree with you up to a point-- but if a computer's gonna become such a crutch in people's lives AND hold so much of their critical personal & work data-- then they'd BETTER develop more Responsibility: if not for themselves, then at least for others & the planet they live in-- exactly as from a Medical Health standpoint: not spreading contagion or spawning evil zombies to cause widespread havoc.....

Score: 0

By bourgeoisdude

edited Apr 11, 2005 - 11:00 AM

That's how I see it. Yes, people treat them like an appliance, but unlike your washer, TV, and cell phone (ok, cell phones can store important data now too), computers store personal data, and with every computer vendor I'm aware of the data is the user's responsibility. They'd better learn about at least backing up their data, they are stupid not too but hey, their loss. As a computer support phone technician it can be very frustrating the dumb things people do when they haven't a clue, but hey, it keeps me employed! Bottom line: people SHOULD know better, but they don't. Not my fault.

Score: 0

By some guy

posted Apr 9, 2005 - 8:53 AM

got to lol at this one. I repaired my friends computer ,he got a devource and she got it all but the pc lol cause she opened evry attachment that she could get , like microsoft longhorn OS .exe only 5 megs, lol must have been 300 viruses,,

Score: 0

By shy_one

posted Apr 9, 2005 - 2:48 AM

It has been mentioned on the tv radio news papers and internet a million times already DO NOT OPEN UNSOLICITED EMAIL.

Heck don't even open attachments from your friends unless your expecting something or ask them if they sent you something at the very least.

Why is it with all the warnings put out there that people can't get the message threw thier heads.

The internet is a dangerous place and common sense is needed or else you risk lossing data or worse yet having your identity stolen.Treat everything the same as you would as if it was someone at your door now would you just give out all your information if someone showed up at your door wearing lets say a jacket with the symbol of the bank you deal with or would you investigate it a bit more.

With the internet you are basicaly having the world at your door and common sense should dictate who/what you let in sure you might acidentaly let something bad in nobodys perfect but with common sense that would be minimised.

Score: 0

By athome

posted Apr 11, 2005 - 11:15 AM

You make good sense, but the fact of the matter is that when it comes to "good sense", you need to have some knowledge of what is going on and how it is being done. Most people don't. The terminology and concepts are foreign to the millions of people that play on them. They are appliances as stated previously. I have customers that feel that once their computer gets infected with a virus or a hack, they need to go out and buy a new computer. It isn't their fault for not being told what it is all about.

Score: 0

By shy_one

posted Apr 12, 2005 - 2:00 AM

I blame the internet service providers as much as i blame the people who treat thier comps just like an apliance. When someone goes to sign up for service a quick test should be given and if the person fails(which a neebie would) the ips could just take them to the side and give a quick demonstration on how easily a computer could be hacked and information stolen or damaged.

The government should also step up to the plate on this how much does it cost them to have the police investigate identity theft. The government should hold some sort of seminar every couple of months depending on size of the city and demand just a half day course or something to teach basic computer security and awareness of how these scams work.

Score: 0

By athome

posted Apr 12, 2005 - 9:55 AM

You have a great idea, but the goverment should not be the one teaching. My business does this. Hourly charge! People will be oblivious until something happens to them, there data, or identity information. Until that time, I will educate and make some money. It is all part of the Internet Evolution.
I believe we are still in the infancy stage of the Internet. So many technologies, issues, and challenges. Develope your niche and take bite out of it, mold it, or even just ride it out. There is money to be made, why not take it.

Score: 0

By dannysalerno7

posted Apr 8, 2005 - 6:18 PM

I completely agree with you on that comment.. Just how dumb can ONE be not to notice.. Newbies.. Gotta love'em

Score: 0

By GoodThings2Life

posted Apr 8, 2005 - 9:52 PM

It's not just new users... it's uneducated users and lazy users (those who just don't pay attention to what they're doing, and/or don't care).

Score: 0

By pjlasl

posted Apr 8, 2005 - 5:53 PM

received email alerts from microsoft for critical updates. Those who use automatic updates will receive a little message on the taskbar, not email. If you are dumb enough to open any link in your emails, then you deserve to be hit with a trojan or virus...think people, think!!

Score: 0

By jaelanicu

posted Apr 8, 2005 - 9:00 PM

Well... not all people are smart enough. Most of computer users are beginners and even some intermediate users are still don't know much about trojans and viruses. Smarter people should inform and warn them about the danger of email attachment. Especially emails which they don't know the sender.

Score: 0

By javip

posted Apr 9, 2005 - 6:05 AM

if they fall for it they deserve it.
Do you feel sorry for someone whose house gets broken into because they left the door wide open with a sign at the front saying "house open, no one is home"?

these dumba**es are simply being left behing and will eventually die out through the process of evolution =)

Score: 0

By XiND

edited Apr 8, 2005 - 8:57 PM

> I never received email alerts from microsoft
> for critical updates. Those who use automatic
> updates will receive a little message on the
> taskbar, not email. If you are dumb enough to
> open any link in your emails, then you deserve
> to be hit with a trojan or virus...think
> people, think!!

Microsoft does, as a matter of fact, have e-mail alerts for updates - the diference is you sign up for these. They look a bit like this:

------------------------------------------------------------
MICROSOFT SECURITY UPDATE ALERT
January 11, 2005

SECURITY UPDATE INFORMATION
Microsoft has released several security updates that address newly
discovered issues in Microsoft Windows. Information about these
updates and which software is affected is available on the
Microsoft.com Security Web site:
http://go.microsoft.com/?LinkID=1834676
------------------------------------------------------------

They are PGP-signed by the way.

However I do agree with your closing statement; people should use their damn brains.

Score: 0

By apfraats

edited Apr 8, 2005 - 8:02 PM

Do not be foolish !
Using links in e-mail is what I do daily.
See no problem in that, it's a fine feauture to get where you want to be, without doing stupid copy & paste handlings !
Yes, trusting an e-mail form a fake 'microsoft' should alert you, especially concerning 'updates'.
Everybody (almost) knows how this proces works, but if youre new to this, and every day there are lots of people, you may get fooled.
I think there had been a day in the past you started from scratch too. Everybody had.
So this kind of making a comment has no use of all. Or are you trying to be 'big brother' or 'the guy who knows it all' ??
Well good luck with it.
It's not a very constructive way of behaving. It's almost like you can build youre first tower with nice red, blue and yellow blocks, at the age of three.......
Using a good firewall and an active virusscanner whitch always scans youre e-mail including attachments and is scanning everything you download, is enough to be sure that e-mail links can't do you any harm. In fact it's the same as typing an URL in IE. So what ????
Nice it would be for you if someone is smart enough to fool youre 'automatic update' and you see youre beloved taskbar message.....

Score: 0

By TwistedSoul

posted Apr 11, 2005 - 8:39 AM

couldn't agree more

Score: 0

By horsecharles

posted Apr 8, 2005 - 9:35 PM

It's like spam, pyramid, psychic readings, credit repair, pills that enlarge breasts & other appendages, creams that dissolve excess fat & cellulite, etc.: just one tenth of one percent positive response from a pitch to billions/millions/thousands-- heck, even to only hundreds... can set one up for life.

Score: 0

Dec 4 - 11:47 AM ET The storm hits AT&T, with a five-digit headcount reduction

Dec 4 - 11:42 AM ET TV sports adopts Web coverage, plays with iPhones

Dec 4 - 11:24 AM ET Microsoft seeks 'community' help to make IE8 Standards Mode work out

Dec 4 - 10:43 AM ET Hitachi GST and Intel make a solid-state deal

Dec 3 - 11:36 PM ET Yahoo cedes Internet radio operations to CBS

Dec 3 - 5:54 PM ET Big BCS bowl game to land at CES 2009...in 3-D!

Dec 3 - 4:58 PM ET Songbird 1.0 music player makes a landing

Dec 3 - 3:41 PM ET Ted Rogers (1933-2008), giant of Canadian tech and media

Dec 3 - 2:27 PM ET Analysts: PC growth will slow, while notebooks remain a bright spot

Dec 3 - 1:58 PM ET RIM's third quarter outlook shouldn't shock, but does anyway